Back to skill

Security audit

Seo Scout Pro

Security checks across malware telemetry and agentic risk

Overview

This skill is not hidden malware, but it includes stealth browser guidance, automated third-party submission templates, and weak credential-handling advice that users should review carefully.

Install only if you will use it for authorized scouting and manual review. Avoid using the anti-detect, stealth browser, Cloudflare bypass-style, and automated submission guidance against sites you do not control or lack permission to test. Do not store real credentials in plain config files; use isolated accounts and a proper secrets mechanism if credentials are required.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
78% confidence
Finding
The skill advertises operational scanning capabilities while declaring no permissions, yet static analysis detected shell-capable behavior. That mismatch reduces transparency and can enable command execution in environments where reviewers or users do not expect it, increasing the risk of misuse or unsafe invocation.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The skill's stated purpose is discovery and analysis, but the content expands into anti-detection, submission workflow enablement, and adapter generation for automation. This mismatch is dangerous because it obscures higher-risk functionality, making unsafe or policy-evasive use more likely and undermining informed review and consent.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill advertises discovery and analysis, but this section includes a concrete adapter that performs live form submission. That materially expands the capability from reconnaissance into automated interaction with third-party sites, increasing the risk of unauthorized submissions, policy violations, and misuse in spam or deceptive promotion workflows.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
This section explicitly provides stealth and anti-detection guidance to conceal automation signals and evade bot-detection defenses. In context, that is not needed for passive discovery and instead enables circumvention of site protections, which can facilitate abusive automation against third-party services.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The auth section goes beyond detecting authentication and gives operational playbooks for registering accounts, storing credentials, and reusing OAuth sessions. That broadens the tool into account operation and session persistence, creating avoidable risk around credential handling and unauthorized access patterns.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The explicit `anti-detect` command promotes browser stealth/evasion without any warning about legal, policy, or website terms-of-service risks. In the context of backlink submission and form targeting, stealth guidance can facilitate deceptive automation, bypass abuse controls, and increase the likelihood of spam or unauthorized interaction with third-party sites.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The adapter template culminates in clicking a real submit button and treating the result as a successful submission, yet the surrounding shell output frames it as template/help content rather than a sensitive action. Without an explicit confirmation or dry-run default, users can easily repurpose it to send unintended submissions to external sites.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The file tells users to store account credentials in config.yaml without any guidance on secret protection. That encourages insecure secret management practices, increasing the chance of credential disclosure through source control, logs, backups, or accidental file sharing.

Ssd 2

Medium
Confidence
98% confidence
Finding
Although presented as browser setup advice, this content semantically teaches evasion of bot-detection systems through patched automation fingerprints, human-like typing, and environment spoofing. In context, that enables bypass of defensive controls on third-party sites and is therefore security-relevant and dangerous.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.