Back to skill

Security audit

Bearblog

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a coherent Bear Blog automation helper, but it includes examples that can publish or delete live blog content with too little user confirmation, including bypassing a delete confirmation dialog.

Install only if you are comfortable letting an agent use an authenticated Bear Blog session. Before publishing, unpublishing, or deleting, require an explicit confirmation, verify the exact blog subdomain and post title or URL, and avoid entering passwords into ordinary chat or saved logs unless your environment provides protected secret handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

High
Confidence
97% confidence
Finding
The documented delete flow explicitly overrides `window.confirm` to always return true and then clicks the Delete button, removing the only built-in user confirmation step for a destructive action. In an agent skill context, this is dangerous because it normalizes fully automated irreversible deletion and makes accidental or prompt-induced data loss much more likely.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The workflow explicitly includes login, persistent session use, and a publish action, but it does not require any user confirmation or warn that these steps can create account-impacting side effects. In an agent skill context, this increases the chance of unintended posting or misuse of an already-authenticated session, especially if the workflow is executed automatically or with loosely scoped user prompts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.