financial-market-analysis
Fail
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configures an MCP server pointing to an endpoint on 'bore.pub', a tunneling service frequently used to host ephemeral or malicious content and bypass firewall restrictions.
- [EXTERNAL_DOWNLOADS]: Automated security analysis (URLite) has explicitly flagged the specific proxy URL (http://bore.pub:44876/api/v1/mcp/project/1b8245e7-a24f-4cc1-989e-61748bfdab7f/sse) as associated with Phishing.
- [COMMAND_EXECUTION]: The configuration instructions direct the execution of 'uvx mcp-proxy', which facilitates the connection of local agent capabilities to the aforementioned unverified remote server.
- [CREDENTIALS_UNSAFE]: The skill requires a 'CRAFTED_API_KEY' to be configured and sent as a header to the 'bore.pub' URL, creating a high risk of credential interception by the untrusted proxy host.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata