Back to skill

Security audit

Nutrient Query - 营养成分表

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward nutrition lookup skill, but its API key handling examples and CLI documentation are sloppy enough that users should configure secrets carefully.

Install only if you are comfortable using a TianAPI account key for nutrition lookups. Prefer setting TIANAPI_NUTRIENT_KEY in your environment or a protected secret store, avoid passing the key on the command line or in shared URLs, and do not commit scripts/.env. Expect the current CLI examples to need adjustment before the skill works reliably.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
76% confidence
Finding
The skill's top-level description focuses on nutrient lookup, but the documented behavior also includes outbound requests to a third-party service and reading credentials from env/.env without making those behaviors prominent in the declaration. That mismatch can mislead users and automated policy systems about data flows and trust boundaries, increasing the risk of inadvertent secret exposure or unintended network use.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Passing an API key directly on the command line can expose the credential through shell history, process listings, terminal logging, CI logs, or telemetry. In this context the risk is real because the documentation actively encourages an unsafe invocation pattern without warning users about that exposure.

Credential Access

High
Category
Privilege Escalation
Content
# 方式一:环境变量(推荐,一次配置永久生效)
    export TIANAPI_NUTRIENT_KEY=你的APIKey

    # 方式二:.env 文件(在脚本目录创建)
    echo "TIANAPI_NUTRIENT_KEY=你的APIKey" > scripts/.env

    # 方式三:每次命令行传入
Confidence
84% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
export TIANAPI_NUTRIENT_KEY=你的APIKey

    # 方式二:.env 文件(在脚本目录创建)
    echo "TIANAPI_NUTRIENT_KEY=你的APIKey" > scripts/.env

    # 方式三:每次命令行传入
    python3 scripts/fetch_nutrient-query.py 你的APIKey 油条
Confidence
80% confidence
Finding
.env

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.