Back to skill

Security audit

korea-air-quality

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Korea air-quality lookup and alert skill, with some local privacy and portability caveats users should review.

Install only if you are comfortable with this skill writing local data files for saved regions, exact saved coordinates, alert rules/history, station cache, and possibly an AirKorea API key. Prefer using AIRKOREA_API_KEY from the environment instead of storing the key in data/config.json, avoid saving precise coordinates unless needed, and review any generated cron plan before using it because it contains a hard-coded local path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill describes capabilities that read environment/configuration, perform network access, and read/write local files, yet it declares no permissions or trust boundaries. This creates a mismatch between what the skill can do and what users or the platform may expect, increasing the risk of unnoticed data access, persistence, and outbound transmission.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The cron-plan builder emits job payloads containing a hard-coded local Windows workspace path and explicit execution instructions. This leaks local environment details and couples the skill to a specific host layout, which can expose sensitive operational metadata and encourage downstream agents to execute filesystem-specific commands derived from skill output.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs storing a user's default region or current location in a local file, which is location-related personal data, without any user-facing notice, consent flow, retention policy, or deletion semantics beyond an example command. Persistent storage of location data can expose sensitive movement/home-area information if accessed by other local processes or mishandled.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill supports recurring alerts and cron-based monitoring with local rule/state storage but does not clearly warn users that monitoring state and prior alert status will persist. Persistent monitoring can reveal user routines, health-related concerns, or location preferences over time, and silent state retention increases privacy and transparency risk.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill persists per-user default regions and precise latitude/longitude coordinates to local JSON files without any notice, consent flow, retention policy, or access controls. Location data is sensitive personal information, and storing it silently increases privacy risk if the workspace is shared, backed up, or otherwise accessible to other processes or users.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.