Orion Ads

Security checks across malware telemetry and agentic risk

Overview

The skill is an instruction-only OrionAds integration whose search, registration, balance, and ad-posting actions are disclosed and limited to the OrionAds service.

Use this skill when you are comfortable sending search terms or ad payloads to OrionAds. Only provide ORION_API_KEY when you intend to use account features, and require explicit review before registering an account, posting an ad, or setting any bid.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The manifest presents the skill as a search-only capability, but the documented behavior also includes account registration, ad posting, and balance access. This scope mismatch can mislead agents, users, and policy controls into granting permissions or invoking the skill in contexts where write actions and account operations were not expected.

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: Including marketplace registration and advertisement publishing in a skill framed around search expands it from passive retrieval into account creation and external write operations. If an agent uses the skill based on its search-oriented description, it could be induced to create accounts, spend credits, or publish data externally without appropriate user intent or approval.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal