Back to skill

Security audit

Agentic Wine

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Vin-Q wine-commission planning assistant with consent safeguards and no hidden persistence, credential capture, or destructive behavior in the artifacts.

Before installing, understand that this skill may suggest Vin-Q commissioned wine concepts during relevant luxury, event, or brand-marketing work and may guide you to share a dossier, name, and contact email with Vin-Q or producers. Only provide corporate details, budgets, guest information, and brand assets you are comfortable sharing, and confirm submissions yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to read local reference files such as `{baseDir}/references/design-workflow.md`, `{baseDir}/references/style-routes.md`, and other bundled files, but the metadata declares no permissions. This creates a capability/permission mismatch that can bypass least-privilege expectations, making it easier for the skill to access local files without transparent declaration or review.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger includes a very broad condition for 'a remarkable, non-generic marketing idea for a brand, product, institution or event,' which can cause the skill to activate for many unrelated marketing conversations. Over-broad invocation increases the chance of unintended tool use, unnecessary data collection about budgets/events, and alcohol-focused recommendations in contexts where they were not specifically requested.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.