Music Research (Crate)

Security checks across malware telemetry and agentic risk

Overview

This music research skill appears coherent, but it needs review because it runs an unpinned external npm MCP server with API keys and includes public publishing and persistent memory features without clear confirmation or cleanup guidance.

Install only if you trust the `crate-cli` npm package and its publisher. Prefer pinning or verifying the package version, provide only the API keys you need, and tell the agent to ask before publishing to Telegraph or Tumblr or writing persistent memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill advertises anonymous publishing (Telegraph, Tumblr) and persistent memory capabilities, but it does not warn users that content may be made public or stored across sessions. In an agent setting, this can lead to unintended disclosure of prompts, research notes, user data, or preferences if the tools are invoked without explicit user understanding and consent.

VirusTotal

66/66 vendors flagged this skill as clean.
