Local MCP Server

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is coherent, but it should be reviewed carefully because it gives AI models local file access and shell execution without enough documented safeguards.

Install only if you intentionally want an AI model to access local files and run shell commands. Before use, inspect the repository and setup script, disable Bash unless needed, restrict allowed paths to a throwaway or least-privilege workspace, require confirmation for risky commands, and do not expose the MCP server beyond localhost.

SkillSpector (2)

By NVIDIA

Missing User Warnings

Medium
Confidence: 90%
Finding
The README explicitly promotes capabilities to read files, execute bash commands, and search the local filesystem, but it does not provide a clear warning that connecting an LLM to these tools can expose sensitive data or trigger harmful local command execution. In the context of an MCP server intended for AI model integration, this omission increases the chance that users enable powerful local tooling without understanding the security implications.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill explicitly advertises file-reading and bash-execution capabilities, which give any connected model a direct path to local data access and command execution. Although the document mentions sandboxing and forbidden commands, it does not clearly warn users that enabling these tools can expose sensitive files or allow dangerous system actions if the model is prompted maliciously or the sandbox is misconfigured.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
