Ecommerce Product Detail

Security checks across malware telemetry and agentic risk

Overview

The skill appears aimed at ecommerce product extraction, but its instructions include anti-bot challenge handling and local persistence that users should review before installing.

Install only if you are comfortable with a product-extraction skill that may use browser sessions and local notes. Avoid using it on sites that present CAPTCHA, bot-check, login, or access-control barriers, and review or disable any local memory file if URLs or browsing details are sensitive.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (4)

Intent-Code Divergence

High

Confidence: 96% confidence
Finding: The skill asserts that it does not bypass authentication or access controls, yet later instructs the operator to solve CAPTCHA or bot-check challenges to continue scraping. That creates a contradictory boundary and normalizes defeating anti-automation controls, which can violate site protections and enable data collection beyond what the platform intends to permit to automated tools.

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The instructions to establish session cookies first and use CAPTCHA-solving when challenged are anti-bot evasion tactics unrelated to simple extraction of public product details. Even for public pages, these steps increase the skill's ability to scrape at scale against a site's expressed technical restrictions, expanding misuse potential.

Vague Triggers

Medium

Confidence: 79% confidence
Finding: The description contains a very large set of generic triggers like price check, product research, get product images, and fetch product info, which makes the skill likely to auto-match many ordinary browsing requests. Overbroad invocation can cause the agent to launch scraping behavior in contexts where the user did not explicitly request cross-site extraction, increasing accidental data collection and policy bypass risk.

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill instructs writing execution notes to a local memory file without clearly disclosing that it persists data on disk. Silent persistence can create privacy and security issues if URLs, identifiers, anti-bot behavior, or operational notes accumulate in a shared workspace and are later reused unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal