Back to skill

Security audit

Tristan RFQ overseer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed RFQ workflow that uses an Obsidian vault, email, Telegram, and local pricing scripts without evidence of hidden execution, exfiltration, or automatic sending.

Install only if you are comfortable connecting the agent to your RFQ vault plus email and Telegram channels. Use a dedicated vault or narrow RFQ folders, run a dry test first, and verify your email connector enforces the documented explicit confirmation before any outbound quote is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares operational behavior that clearly requires reading from and writing to an Obsidian vault, but it does not declare corresponding permissions. Undeclared capability use weakens reviewability and can let a skill access or modify local data outside an explicitly approved security boundary, which is especially sensitive here because RFQs, supplier pricing, and client communications may contain confidential business information.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The markdown output includes persuasive language telling the operator what 'number to show a client' and framing the result to overcome a client's assumption. In a procurement workflow, this crosses from neutral analysis into influence-oriented messaging, which can bias downstream communications without explicit user opt-in and may facilitate misleading or manipulative client-facing output.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.