Chat Bus

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed shared-folder chat tool, but it needs review because unchecked room and user path inputs can affect files outside the intended chat directory.

Install only for a dedicated shared folder with trusted participants. Do not send secrets, do not treat usernames or room membership as authenticated, and avoid using room or user names from untrusted input until path validation, containment checks, and registration checks are added.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill clearly describes and instructs use of filesystem read/write behavior through a shared directory message bus, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users or hosting platforms may grant or review the skill as if it were low-privilege when it actually reads and writes persistent files, including plaintext messages and user metadata.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal