Back to skill

Security audit

builtbyecho-research

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate web-research skill, but it includes optional third-party upload of research reports or traces without enough privacy and consent guidance.

Install only if you trust the npm package and are comfortable with networked web research. Use clear target limits, do not bypass site restrictions, keep API keys out of chat, and only upload reports or traces to Vaultline after explicit approval and review for sensitive content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The skill is scoped as a web-research tool, but it additionally recommends uploading outputs to Vaultline, an external service unrelated to the core research function. That creates an unnecessary data egress path for research traces and reports, which may contain sensitive source material, internal prompts, or user data, without clear consent gating or privacy constraints.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The activation description is broad enough that the skill may be invoked for many generic research, browsing, extraction, or installation tasks. Over-broad triggering can cause agents to perform networked actions, crawling, or package usage in contexts where the user did not intend this specific tool, increasing the chance of unnecessary external requests or side effects.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs use of a package that performs web search, fetching, rendering, crawling, and optional API-backed discovery, but it does not clearly warn that invoking it causes outbound network access and possible transmission of queried content to third parties. In an agent setting, users need explicit notice when a skill can contact external sites and services.

Missing User Warnings

High
Confidence
96% confidence
Finding
The Vaultline integration encourages uploading final reports or trace bundles to an external service but does not warn that this transmits potentially sensitive research outputs outside the local environment. Because traces and reports can include proprietary findings, source excerpts, or user-provided material, omission of a privacy warning materially increases the risk of unintended data disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.