Security audit

HSCIQ MCP - Customs Code Lookup

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate customs-code lookup skill, but it needs Review because it can create external consultation records and upload product details or images without a clear confirmation step.

Install only if you are comfortable giving this skill an HSCIQ API key and sending selected product information or images to HSCIQ for possible human review. Before using consultation creation, image upload, discussion replies, or paid consultation fields, require the agent to show the exact fields and files and ask for your explicit approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 87%
Finding:
The README advertises automatic submission of product information and images to an external consultation service, but it does not warn users that potentially sensitive commercial data and uploaded files will be transmitted off-host. In an agent skill context, this is more dangerous because users may invoke the capability through automation and may not realize that proprietary product details, documents, or images are being sent to a third-party API for human review.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The documentation states that product information and images can be automatically submitted for expert review, but it does not clearly warn users that this involves transmitting potentially sensitive business data and images to a third-party service. Users may believe the action is a local classification aid when it actually persists and shares data externally, creating privacy, confidentiality, and compliance risks. The danger is heightened because the uploaded materials could contain proprietary product information or identifying metadata.

Missing User Warnings

Medium
Confidence: 90%
Finding:
The CLI can transmit sensitive business and personal data including product descriptions, contact details, and base64-encoded images to a remote service, but there is no explicit runtime consent prompt or prominent warning before submission. In a CLI or agent setting, users may not realize that local files and entered identifiers are being exfiltrated off-host, which creates privacy and confidentiality risk, especially for proprietary product information.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code: suspicious.env_credential_access
Location: hsciq-client.js:9