Security audit

AIScan — AI Readiness Scanner

Security checks across malware telemetry and agentic risk

Overview

AIScan is a disclosed hosted website scanner with optional website-readiness fixes, but users should only scan URLs they are comfortable sending to aiscan.site and should review proposed file changes.

Install if you want an agent to use aiscan.site for website AI-readiness audits. Do not submit confidential, internal, localhost, or staging URLs unless you intend to disclose them to that hosted service, and review any proposed robots.txt, llms.txt, sitemap, .well-known, OAuth, MCP, or agent-skill changes before letting an agent write them to your site.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs the agent to modify repository files and then re-scan a live URL using an external service, but it does not require explicit user confirmation before making changes or disclose that the site URL will be transmitted to a third-party endpoint. This creates a meaningful risk of unauthorized file edits and unintended data sharing, especially in agentic workflows that may auto-apply 'safe' fixes.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to send a user-provided URL to a third-party service at aiscan.site without requiring explicit user consent or warning that the target URL will be disclosed externally. This creates a privacy and data-handling risk, especially if users provide internal, staging, or otherwise sensitive URLs that should not be shared with external services.

Missing User Warnings

High
Confidence: 98%
Finding
The skill explicitly directs the agent to apply remediation changes to the user's codebase based on external scan output, but it does not require confirmation before modifying files. This is dangerous because it can lead to unauthorized or unexpected code changes, and the external service's remediation text could indirectly influence file edits in ways the user did not review.

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.