CRISPIR sgRNA Designer

Security checks across malware telemetry and agentic risk

Overview

The skill does not show hidden persistence or data theft, but it overstates CRISPR safety/design capabilities that the included script does not implement.

Review carefully before installing or relying on outputs. Treat results as preliminary candidate generation only, not validated CRISPR design; verify guides with dedicated off-target analysis, donor-design tools, and appropriate biosafety or institutional review. Use direct sequence input instead of accession lookup if external NCBI queries are not acceptable.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill declares that it will fetch reference sequences from NCBI E-utils, which is a network-capable behavior, but no permissions are declared. Hidden or undeclared network access weakens user trust, breaks least-privilege expectations, and can expose prompts, identifiers, or queried targets to third-party services. In a bioinformatics skill, network use may be legitimate, but it still must be explicit because external retrieval changes the data-flow and privacy/security posture.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 97% confidence
Finding: The skill materially overstates its capabilities by claiming low-off-target, professional-grade sgRNA design, donor-template synonymous mutation strategy, and editing-mode-specific logic that are not actually implemented. In this domain, users may rely on those claims to design CRISPR experiments, so the mismatch can lead to unsafe or invalid experimental decisions, including guides with elevated off-target risk or donor designs that are recut. The scientific/bioengineering context makes this more dangerous because incorrect output can directly influence real-world genome editing workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal