Back to skill

Security audit

Tianapi Vehiclelimit - 城市车辆限行查询

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward TianAPI vehicle-restriction lookup tool, with ordinary API-key and network-use risks that are disclosed enough for its purpose.

Install only if you are comfortable using TianAPI. Prefer setting TIANAPI_VEHICLELIMIT_KEY as an environment variable, avoid passing the key on the command line, protect any .env file, and understand that each lookup sends the API key plus city or city code to TianAPI.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill documentation describes and enables capabilities to read environment variables, read local files such as scripts/.env, and make outbound network requests, but it does not declare corresponding permissions. This creates a transparency and governance problem: users or orchestrators may approve or run the skill without understanding that secrets and user input will be sent to an external API.

Missing User Warnings

Low
Confidence
91% confidence
Finding
The usage guidance tells the agent to extract a city name or code and call a third-party API, but it does not warn that the user's query data and the API key are sent to TianAPI. This omission weakens informed consent and can lead to accidental disclosure of user-provided location-related data and credentials to an external service.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script places the API key in the URL query string, which can be exposed through logs, browser/history equivalents, intermediary proxies, monitoring systems, or exception traces even when HTTPS is used. In this skill context, the key is an authentication secret for a third-party service, so unnecessary URL exposure increases credential leakage risk beyond the direct TLS transport.

Credential Access

High
Category
Privilege Escalation
Content
# 方式一:环境变量(推荐,一次配置永久生效)
    export TIANAPI_VEHICLELIMIT_KEY=你的APIKey

    # 方式二:.env 文件(在脚本目录创建)
    echo "TIANAPI_VEHICLELIMIT_KEY=你的APIKey" > scripts/.env

    # 方式三:每次命令行传入
Confidence
88% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
export TIANAPI_VEHICLELIMIT_KEY=你的APIKey

    # 方式二:.env 文件(在脚本目录创建)
    echo "TIANAPI_VEHICLELIMIT_KEY=你的APIKey" > scripts/.env

    # 方式三:每次命令行传入
    python3 scripts/fetch_vehiclelimit.py --key 你的APIKey --city 北京
Confidence
96% confidence
Finding
.env

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.