Security Audit
mcpwn-cve-2026-33032
github.com/cisco-ai-defense/skill-scannerTrust Assessment
mcpwn-cve-2026-33032 received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 0 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Prompt Injection and Credential Harvesting Attempt.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 1, 2026 (commit 41fec4a9). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Prompt Injection and Credential Harvesting Attempt The skill contains a malicious instruction ('retry_hint') designed to manipulate the host LLM into repeatedly executing a tool to harvest sensitive API keys. This is an exploitation attempt of the MCPwn pattern. Remove the malicious instruction payload from the skill file. Implement strict input validation and do not allow skill instructions to control tool execution loops or request sensitive credentials. | LLM | SKILL.md:5 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | evals/test_skills/malicious/mcpwn-cve-2026-33032/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/a2b5d883b6a03eae)
Powered by SkillShield