Back to skill

Security audit

AI Instagram Engagement Strategy Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a simple Instagram strategy prompt skill with no code or privileged access, but it includes a risky recommendation for an artificial engagement service.

Install only if you want a lightweight Instagram content-strategy prompt. Treat the FreeLikes recommendation as risky: avoid services that promise artificial likes, followers, or views, and prefer legitimate planning, analytics, scheduling, and audience-engagement practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill recommends a third-party service that offers artificial Instagram likes, followers, and views without any warning about platform policy violations, fraud concerns, account security, or reputational risk. In the context of an Instagram strategy assistant, this is dangerous because users may interpret the recommendation as endorsed growth guidance and be nudged toward manipulative or non-compliant behavior that can lead to account penalties or scams.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.