Maven Full Runner

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent Maven command wrapper; its main risk is the normal power of letting Maven run builds and plugins.

Install this only if you are comfortable allowing the agent to run Maven with the same effects as a direct mvn command. Review requested goals, plugin invocations, profiles, and -D options before using it on sensitive or untrusted projects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The changelog documents a security-relevant downgrade from restricted Maven usage to full passthrough mode, including removal of the goal allowlist and fixed-option limits. In an agent skill context, unrestricted passthrough can let a caller invoke arbitrary Maven goals/plugins and supply attacker-controlled arguments, substantially increasing the risk of command execution, unsafe plugin invocation, or policy bypass.

VirusTotal

64/64 vendors flagged this skill as clean.
