Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 70% confidence
- Finding
- Without declared permissions the skill's intent is opaque and cannot be validated.
出境游旅行助手
Security checks across malware telemetry and agentic risk
Overview
This appears to be a travel-assistant skill that uses a cloud proxy and optional proxy token for its intended function, with no evidence of hidden persistence or broad credential harvesting.
Install only if you are comfortable sending travel-search details through the configured cloud proxy. Do not set PROXY_TOKEN unless you trust the proxy operator and understand that the token may be sent with requests.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)
Env Variable Harvesting
High
- Category
- Data Exfiltration
- Content
import urllib.error PROXY_URL = "https://1439498936-460a7b6oqn.ap-guangzhou.tencentscf.com" PROXY_TOKEN = os.environ.get("PROXY_TOKEN", "") # ============================================================ # 第一组:RG代理工具 (5个)- Confidence
- 70% confidence
- Finding
- os.environ.get("PROXY_TOKEN
VirusTotal
65/65 vendors flagged this skill as clean.