Back to skill

Security audit

github-mpc

Security checks across malware telemetry and agentic risk

Overview

This is a transparent setup guide for MCP integrations, with sensitive credential use that fits its stated purpose but needs careful handling.

Install only if you intend to configure this Product Guide Writer workflow for the named Trading212 systems. Use least-privilege or fine-grained tokens where possible, avoid pasting secrets into chat or committed files, verify MCP package names and endpoints before use, and enable optional Figma or Elasticsearch access only when needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill explicitly instructs the agent to inspect a user-specific local path under the home directory to determine MCP status, but it does not require user consent or warn that local filesystem state will be accessed. While the target path is configuration-oriented rather than obviously sensitive, reading local directory structure can still expose environment details, usernames, workspace names, and installed integrations without clear authorization boundaries.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs the agent to perform authenticated Atlassian checks and later GitHub validation/searches using the user's configured MCP servers, but it does not warn that external services will be contacted with the user's credentials. This can trigger unintended data disclosure, audit-log entries, or actions under the user's identity, especially when testing access to organizational resources.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.