Expanso language-detect

Security checks across malware telemetry and agentic risk

Overview

The skill appears to detect language as claimed, but its server mode can expose an unauthenticated endpoint that sends submitted text to OpenAI using the user's API key.

Use CLI mode for controlled one-off checks where possible. If running the MCP/HTTP mode, bind it to localhost or protect it with firewall/auth controls, use a restricted or low-quota OpenAI key, and avoid sending confidential, regulated, or secret-containing text unless OpenAI processing is approved.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

High

Confidence: 96% confidence
Finding: The pipeline forwards user-supplied text directly to the OpenAI API, which transfers potentially sensitive content to a third-party service without any visible disclosure, consent mechanism, minimization, or redaction. In a language-detection skill, full raw text is often unnecessary or higher-risk than needed, so this design can expose secrets, personal data, or regulated content if users submit them.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal