Security audit

Trustpilot Reviews

Security checks across malware telemetry and agentic risk

Overview

This Trustpilot scraper is not shown to be malicious, but it needs review because it explicitly encourages stealth/proxy scraping and rate-limit avoidance while collecting reviewer identifiers.

Install only if you have a lawful, compliant reason to collect Trustpilot review data and you are prepared to remove or ignore the stealth/proxy, fingerprint-rotation, and rate-limit-avoidance instructions. Treat reviewer identifiers and profile metadata as personal data: minimize collection, avoid lead-generation or profiling uses unless clearly authorized, and prefer official export/API or permissioned access for bulk work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Context-Inappropriate Capability

High
Confidence: 98%
Finding
The skill explicitly instructs operators to respond to anti-bot defenses by switching to a stealth browser with a proxy, which is guidance for bypassing platform protections rather than ordinary data extraction. That materially increases abuse potential by enabling unauthorized large-scale scraping despite defensive controls and signals willingness to evade access restrictions.

Context-Inappropriate Capability

High
Confidence: 99%
Finding
The skill recommends distributing scraping across multiple stealth sessions with independent fingerprints so rate limits apply per session, which is direct operational guidance to circumvent traffic controls. This goes beyond a benign scraper and facilitates sustained, higher-volume extraction while avoiding detection mechanisms.

Vague Triggers

Medium
Confidence: 85%
Finding
The invocation scope is broadened from narrow Trustpilot review retrieval into competitor intelligence, persona research, training-data collection, and lead generation. That expansive framing makes misuse easier because it encourages secondary uses of scraped content and identities that exceed the minimally necessary purpose.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill advertises extraction of reviewer display names, reviewer IDs, country, profile-verification status, and review counts, and also mentions export, BI, ML, and lead-generation workflows without any privacy warning or minimization guidance. This increases the risk of profiling, downstream misuse of personal data, and handling of identifiers beyond what is necessary for simple review analysis.

Missing User Warnings

Medium
Confidence: 88%
Finding
The script can optionally extract reviewer profile metadata such as reviewer IDs, verification status, and review counts, which increases the amount of personal or profile-linked data collected without any built-in disclosure, minimization guardrails, or consent checks. In the context of a Trustpilot scraping skill explicitly marketed for lead generation, persona research, and bulk export, this materially raises privacy and data-profiling risk beyond basic review extraction.

Ssd 4

Medium
Confidence: 95%
Finding
The error-handling section normalizes escalation from ordinary scraping to anti-bot evasion by presenting stealth/proxy fallback as a standard recovery step. In context, that operationalizes bypass behavior and lowers the barrier for users to continue after defensive controls trigger.

Ssd 4

Medium
Confidence: 97%
Finding
The batch workflow guidance escalates from normal serial scraping to multiple stealth sessions specifically to increase throughput and avoid rate limits. This codifies a progression from ordinary automation into deliberate evasion, making the skill more dangerous in practice than a simple page parser.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.