Back to skill

Security audit

Oil Price - 实时油价查询

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward oil-price lookup that uses a TianAPI key and province name, with some credential-handling and documentation issues users should handle carefully.

Install only if you are comfortable using TianAPI and sending your API key plus province query to that provider. Prefer a secret manager or environment variable for TIANAPI_OIL_PRICE_KEY, avoid command-line key passing, and do not commit or share any .env file containing the key. Expect a small reliability issue until the documented --json mode and command examples are fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation describes use of environment variables, reading a local .env file, and making outbound API requests, but no explicit permission/scope declaration is surfaced in the skill content beyond runtime requirements metadata. This can lead users or orchestrators to underestimate the skill's access to local secrets and external network destinations, reducing transparency and weakening trust boundaries.

Intent-Code Divergence

Low
Confidence
96% confidence
Finding
The script documents a --json mode and later accesses args.json, but argparse never defines that option. This causes a runtime AttributeError or unusable CLI behavior, creating a reliability/availability issue that can break agent integrations expecting machine-readable output.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation guidance is broad: it triggers whenever a user asks about oil prices or gasoline prices, then instructs the agent to execute the script. Without constraints such as required province extraction, confirmation before external calls, or limiting to this specific API use case, the skill may activate too eagerly and send data or consume API quota unnecessarily.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The instructions tell the agent to call a third-party API using an API key and a user-supplied province, but they do not warn that both the credential and location query are transmitted to TianAPI. This omission reduces informed consent and can expose user query data and billing-linked credentials to an external service without clear disclosure.

Credential Access

High
Category
Privilege Escalation
Content
# 方式一:环境变量(推荐,一次配置永久生效)
    export TIANAPI_OIL_PRICE_KEY=你的APIKey

    # 方式二:.env 文件(在脚本目录创建)
    echo "TIANAPI_OIL_PRICE_KEY=你的APIKey" > scripts/.env

    # 方式三:每次命令行传入
Confidence
93% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
export TIANAPI_OIL_PRICE_KEY=你的APIKey

    # 方式二:.env 文件(在脚本目录创建)
    echo "TIANAPI_OIL_PRICE_KEY=你的APIKey" > scripts/.env

    # 方式三:每次命令行传入
    python3 scripts/fetch_oil_price.py 你的APIKey
Confidence
95% confidence
Finding
.env

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.