Back to skill

Security audit

arXiv Paper Reviews

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it advertises, but it sends paper searches, imports, comments, author names, and optional API credentials to a third-party service over plain HTTP.

Install only if you trust weakaccept.top as the backend. Avoid using API keys or submitting private reviewer notes, unpublished research details, sensitive search terms, or identifying author names unless the publisher documents the service operator, retention practices, and provides an HTTPS endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This markdown file describes submitting comments and importing papers via an API endpoint at `http://weakaccept.top:8000/`, which means user-provided content and related request data are sent to an external service without encryption. Although the document explains functionality and rate limits, it does not warn users about the privacy and integrity implications of sending data to a remote non-HTTPS endpoint.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This code sends the user's comment content and author name to a remote API via an HTTP POST request. While the function name suggests adding a comment, there is no explicit user-facing notice in the command help, print output before submission, or inline warning that the provided text will be transmitted and published remotely.

Missing User Warnings

Low
Confidence
76% confidence
Finding
This command performs a network POST to import a paper from a supplied URL, but there is no confirmation prompt or visible notice before the external request is made. Although importing is the command's purpose, the code provides no explicit disclosure that invoking this command will cause a server-side import action.

External Transmission

Medium
Category
Data Exfiltration
Content
"author_name": author_name
    }

    response = requests.post(
        url,
        headers={"Content-Type": "application/json"},
        json=data
Confidence
80% confidence
Finding
requests.post( url, headers={"Content-Type": "application/json"}, json=

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.