Back to skill

Security audit

Save Article Universal

Security checks across malware telemetry and agentic risk

Overview

The skill is a user-run article saver that fetches a supplied URL and writes Markdown notes locally, with a real documentation gap around unimplemented Notion support.

Install only if you are comfortable with the skill contacting the article URL you provide and saving the fetched content into your configured notes folder. Choose an explicit output directory, avoid internal or sensitive URLs, and do not rely on Notion support in this version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises and documents capabilities to fetch remote content, invoke shell/curl, access environment data, and write files, but it does not declare permissions. This creates a trust and review gap: users and security controls cannot accurately assess that the skill may read local context, make network requests, and persist content to disk or third-party destinations.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented behavior claims support for Notion, but the analyzed implementation reportedly lacks the corresponding API/save logic and may fail when users select that method. Security-relevant documentation mismatches are dangerous because users may route sensitive article content or credentials based on false assumptions, leading to unintended errors, data exposure, or misuse of alternative paths.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill description does not warn users that fetched article content may be written to arbitrary local folders or synchronized into third-party note services. In this context, the omission is meaningful because the tool's core function is data export; without clear disclosure, users may unintentionally store copyrighted, sensitive, or account-linked content in locations with different security and privacy properties.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.