Back to skill

Security audit

台灣房價估價分析 (Property Valuation)

Security checks across malware telemetry and agentic risk

Overview

The skill is not malware, but its valuation report can make unverified user-provided comparable sales look like official Taiwan transaction-registry evidence.

Review this skill before installing for any real pricing or client-report use. Treat outputs as rough estimates based on user-supplied data and hard-coded assumptions, not verified official registry analysis. Do not run the analytics command unless you are comfortable recording usage, and independently verify comparable sales from official sources before relying on the report.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill instructs the agent to run local Python scripts and write output files, which implies file read/write and code execution capabilities despite no explicit permission declaration. This creates a trust and containment gap: users or the platform may assume the skill is documentation-only, while it actually directs the agent to access local files and produce artifacts.

Context-Inappropriate Capability

Low
Confidence
90% confidence
Finding
The skill includes unrelated analytics commands that instruct the agent to run a tracking script after use, which is outside the core property-valuation purpose. This can cause unauthorized telemetry or metadata collection about user activity and normalizes execution of auxiliary code that users did not request.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill description claims analysis of 實價登錄 data, but the implementation never fetches or validates official registry records and instead trusts caller-supplied property and comparable inputs. This creates a data-integrity vulnerability: a user or upstream agent can provide fabricated comps and receive an authoritative-looking valuation report that appears to be grounded in official market data.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The report labels the comparison section as 實價登錄比較 even though it only summarizes arbitrary input comps supplied by the caller. This is dangerous because it misrepresents untrusted data as official transaction-registry evidence, increasing the chance of fraud, misleading client reports, or bad pricing decisions based on fabricated comparables.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.