Security audit

Ontology Local

Security checks across malware telemetry and agentic risk

Overview

This skill is a local knowledge-graph memory tool; it stores user-provided structured data in workspace files and shows no hidden network, credential, or privileged behavior.

Install only if you want a persistent local memory graph shared across skills. Do not store passwords, tokens, or unnecessary private details in it, review memory/ontology periodically, and verify the publisher/version because the bundled metadata and registry metadata differ. Static scan was clean and VirusTotal was pending, so neither provides artifact-backed evidence of malicious behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 70%
Finding: Without declared permissions the skill's intent is opaque and cannot be validated.

Vague Triggers

Medium
Confidence: 93%
Finding: The manifest description says to trigger on broad phrases like "remember" and "what do I know about," as well as generic conditions like "entity CRUD" and "cross-skill data access." These overlap with common conversational requests and do not define clear scope boundaries or exclusion conditions, which could lead to accidental activation.

VirusTotal

67/67 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.