Back to skill

Security audit

Agent Reach

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a disclosed web and social-platform helper, but it gives agents broad account, cookie, setup, and posting authority without enough user-confirmation boundaries.

Review before installing. Use it only if you are comfortable giving an agent API-backed web access and, for some channels, logged-in cookies or browser sessions. Require explicit approval before cookie import, proxy changes, installs, anti-bot browser automation, or any post/comment/public interaction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger phrases are extremely broad (for example, generic requests like 'search online', 'research', and common Chinese equivalents), which can cause the skill to activate for ordinary user requests beyond its narrowly intended scope. In a skill that can browse the web, scrape third-party content, and perform platform interactions, overbroad activation increases the chance of unintended external actions or data disclosure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The description explicitly includes posting, commenting, and interacting on supported platforms, but it does not require a clear warning or explicit user confirmation before account-impacting actions. This is dangerous because an auto-invoked or overly trusted skill could perform irreversible actions using the user's authenticated sessions or imported cookies.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.