Zaomeng Skill

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform disclosed notebook-building file operations without evidence of hidden, destructive, or unrelated behavior.

Install only if you are comfortable letting the skill read and write notebooks and related local image/output files. Prefer running it in the intended project directory, review generated notebook changes before keeping them, and look for future versions that declare file and command permissions explicitly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding
The skill documentation advertises executable helper scripts that read and write files, invoke Python from the shell, and potentially support network-capable operations via the local runtime, but it does not declare any permissions or trust boundaries. This creates a mismatch between what the host may assume is a low-privilege Markdown skill and what the skill actually requires, increasing the risk of unintended file access or command execution if a host auto-enables helpers based on the manifest.

VirusTotal

66/66 vendors flagged this skill as clean.