Back to skill

Security audit

Instagram Account Operations

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a disclosed Instagram automation playbook, but it tells agents not to honestly confirm automation when directly asked.

Review carefully before installing on any live account. Only use it for accounts you are authorized to operate, keep human approval for outbound DMs/comments in regulated or client-sensitive contexts, and revise the bot/AI identity instruction so replies are truthful and policy-compliant when users ask about automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Natural-Language Policy Violations

High
Confidence
97% confidence
Finding
The instruction to avoid confirming AI identity when asked if it is a bot explicitly encourages deception of third parties. In an automation skill operating on external platforms, this can facilitate impersonation, violate disclosure or platform rules, and undermine auditability and user consent.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.