Finding Categories

Skills that download or reference external files, URLs, or resources

Skills with patterns that could enable prompt injection attacks

MCP server configuration issues or insecure defaults

Skills with patterns that could leak sensitive data to external endpoints

Server-side request forgery risks targeting cloud metadata or internal services

Supply chain risks: typosquatting, dependency confusion, or untrusted packages

MCP protocol abuse: tool poisoning, rug pulls, or cross-origin attacks

Skills that execute shell commands, system calls, or subprocess operations

Indirect prompt injection via external data sources

Skills that handle, expose, or hardcode credentials and secrets

Multi-step flows that combine benign tools into dangerous chains

Skills that load or embed untrusted third-party content

Unicode/homoglyph tricks used to obfuscate malicious content