Assistant Reliability Watchtower

Security checks across malware telemetry and agentic risk

Overview

The available evidence shows a purpose-aligned skill with a least-privilege documentation gap, not hidden or malicious behavior.

Before installing, confirm you are comfortable with the skill running its local Python/shell helper and reading the intended workspace or environment-derived paths. Prefer running it in a limited project directory and review any wrapper commands before allowing them to act on sensitive files or secrets.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 93% confidence
Finding: The skill instructs operators to run a Python wrapper and references environment variables, filesystem reads, and shell commands, but it declares no corresponding permissions. This creates a capability/permission mismatch that can undermine security review and least-privilege enforcement, because users or orchestration layers may not realize the skill can access repo files, environment-derived paths, or execute subprocesses.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal