Security audit

AI interview agent named Xiaoba

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a purpose-built recruiting/interview API helper, but users should understand that candidate and interview data is sent to an external service.

Install only if you intend to use the Xiaoba/ibaguo interview service and have authority to process the candidate data. Before using it, confirm candidate consent and legal basis, avoid sending unnecessary resume or contact details, protect generated interview links, and keep the API key out of logs or shared chats.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill handles and transmits candidate personal data, resumes, interview transcripts, and evaluation results to a third-party API, but it does not prominently warn users in the description or workflow that sensitive PII and interview content leave the local environment. This can lead to accidental privacy, confidentiality, and compliance violations because operators may invoke the skill without informed consent or appropriate data-handling controls.

External Transmission

Medium
Category
Data Exfiltration
Content
- `resume_data`: resume data (JSON object)

```bash
curl -sS "$BASE_URL/candidates" \
  -H "Authorization: Bearer $XIAOBA_API_KEY" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
```
Confidence
96% confidence
Finding
```bash
curl -sS "$BASE_URL/candidates" \
  -H "Authorization: Bearer $XIAOBA_API_KEY" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d
```

External Transmission

Medium
Category
Data Exfiltration
Content
- `scheduled_at`: scheduled time (ISO 8601)

```bash
curl -sS "$BASE_URL/sessions" \
  -H "Authorization: Bearer $XIAOBA_API_KEY" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
```
Confidence
93% confidence
Finding
```bash
curl -sS "$BASE_URL/sessions" \
  -H "Authorization: Bearer $XIAOBA_API_KEY" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d
```

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.