Teslamate Skills

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its TeslaMate purpose, but its location features can send precise vehicle and destination data to public map services without clear privacy warning or consent.

Install only if you are comfortable exposing TeslaMate vehicle telemetry to this skill and, for address or route commands, to public map services. Keep Grafana private and read-only, verify the workspace config points to your own Grafana, and avoid route/location/address features unless you accept the third-party location-data exposure or modify them to use trusted self-hosted services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill documents network-based behavior and local configuration but does not declare permissions or clearly scope its external communications. This creates a transparency and consent problem: users may invoke the skill without understanding that it can reach internal services and potentially transmit vehicle-related data over the network.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented behavior exceeds the declared purpose by performing geocoding, reverse geocoding, and route planning via third-party services, which can disclose precise vehicle locations, trip history, and user-entered destinations outside the TeslaMate/Grafana environment. In a vehicle telemetry skill, that mismatch is especially dangerous because location data is highly sensitive and can reveal routines, home/work addresses, and current whereabouts.

Description-Behavior Mismatch

Medium
Confidence
80% confidence
Finding
Route planning to arbitrary destinations materially expands the skill from passive TeslaMate querying into active processing of user-supplied location data. Even if intended as a convenience feature, it changes the privacy profile and may cause sensitive destination data to be sent to external mapping or routing services.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
Although the skill is described as querying TeslaMate data via Grafana, it also sends precise vehicle coordinates and user-provided destinations to third-party services such as Nominatim and OSRM. This materially expands the data-sharing surface beyond the stated purpose and can disclose sensitive location history and travel intent to external operators without clear consent.

Context-Inappropriate Capability

High
Confidence
94% confidence
Finding
The external geocoding and routing functions are not necessary to fulfill the advertised Grafana/TeslaMate query role and introduce additional outbound network behavior handling sensitive location data. In a vehicle telemetry skill, unjustified expansion of capabilities is especially risky because location and destination data are highly sensitive and can reveal home, work, routines, and current whereabouts.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README explicitly advertises trip history, address lookup, reverse geocoding, and routing via external services (Nominatim/OSRM) but does not warn that sensitive location and travel data may be transmitted off-box. In the context of a Tesla vehicle telemetry skill, trip origins/destinations and current location are highly privacy-sensitive and can reveal home/work patterns, routines, and presence/absence information.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill handles highly sensitive vehicle status, current location, and travel-history data but does not warn users about the privacy implications. Without an explicit warning, users may unknowingly expose home/work patterns, live location, and historical movement data through queries or downstream services.

Missing User Warnings

High
Confidence
99% confidence
Finding
The reverse-geocoding function transmits exact vehicle latitude and longitude to an external service, which can reveal a user's current or historical locations with high precision. Because this occurs without explicit user-facing warning or consent, it creates a significant privacy risk, especially given the sensitivity of vehicle location data.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The geocoding function sends user-supplied destination addresses to Nominatim without clear disclosure. While this is less sensitive than transmitting live vehicle coordinates, destination addresses still reveal private intent, habits, or personally sensitive locations such as home, work, medical, or religious destinations.

VirusTotal

60/60 vendors flagged this skill as clean.