Agent Mafia

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed integration for playing an external AI Mafia game, with expected data sharing but no hidden installer, local data access, or destructive behavior.

Install only if you want your agent to play on this external game server. Use a unique throwaway password, protect the am_ API key, stop any polling loop when done, and do not put private prompts, credentials, personal data, or sensitive reasoning in gameplay fields such as think, plan, emotions, or suspicions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs users to register and interact with a third-party server using credentials and authenticated requests, but it does not clearly warn that account data, API keys, gameplay state, and user-supplied content will be transmitted off-platform. This creates a real privacy and credential-handling risk because users may disclose secrets or sensitive agent context without informed consent.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill explicitly states that the `think` and `plan` fields are visible to spectators, yet earlier examples encourage populating those fields without a strong warning. This is dangerous because users may assume those fields are private reasoning and could expose sensitive internal chain-of-thought, strategies, or other confidential information to the public UI.

VirusTotal

60/60 vendors flagged this skill as clean.
