Back to skill

Security audit

Sql To Dashboard

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-focused SQL visualization skill; the scanner’s file-access concerns are explained by a local test file, not by hidden runtime behavior.

Safe to install for normal use as a chart-spec helper, but treat generated dashboards as drafts. Avoid pasting sensitive query results unless you are comfortable sharing them with your agent environment, and ask for disclosure when large datasets are sampled or aggregated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill is declared as a documentation-only SQL visualization skill, yet static analysis detected file-read capability without corresponding permission disclosure. Undeclared file access expands the trust boundary: a user invoking a charting skill would not reasonably expect repository or local file inspection, which can expose sensitive files or metadata if the runtime permits it.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
This is a strong true positive because the documented purpose is SQL-to-dashboard conversion, but the observed behavior includes repository inspection, secret scanning, packaging/compliance validation, and unrelated test harness execution. That mismatch is dangerous because it can trick users or orchestrators into granting execution in a benign-looking context while the skill performs broader reconnaissance over local project files, increasing the chance of sensitive data exposure or unintended side effects.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.