Add Pi Events D1

Security checks across malware telemetry and agentic risk

Overview

This skill is meant to manage website events, but it gives an agent live Cloudflare database write and delete authority without enough guardrails.

Install only if you control the Cloudflare account and the babenchuk.com events database. Before any write or delete, require the agent to show the exact SQL, target database, and affected event records, then explicitly confirm the action. Use a dedicated least-privilege Cloudflare token and keep a backup or rollback path for live-site data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding:
The trigger phrases are broad enough to match ordinary content-editing requests and can cause the skill to activate in situations where the user did not explicitly intend a live database write. In this skill's context, activation leads directly to remote D1 modification of production event data, so ambiguous triggering materially increases the chance of unintended state changes.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The documented delete command performs irreversible remote deletion against the live database with no confirmation, preview, or backup guidance. In a skill designed for operational use, this creates a clear path for accidental or socially engineered destructive actions that immediately impact production content.

VirusTotal

VirusTotal findings are pending for this skill version.