Back to skill

Security audit

Agentify

Security checks across malware telemetry and agentic risk

Overview

Agentify is an instruction-only web markup assistant whose file reading, page fetching, and template/spec writing are disclosed and aligned with its purpose.

Install is reasonable for users who want an agent to audit or improve website markup. When using it, provide specific URLs or file paths, avoid broad globs over sensitive repositories, review diffs before deployment, and confirm generated JSON-LD or data-testid changes are appropriate for your site.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The README lists broad trigger phrases such as "improve SEO," "web scraping friendly," and similar everyday terms that can cause the skill to activate in contexts far beyond the author's likely intent. Overly generic activation increases the chance that the skill is invoked on unrelated requests and may steer users toward scraper/automation-oriented transformations where they were not explicitly requested, expanding misuse potential.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The README advertises broad trigger phrases such as 'improve SEO' and 'a11y audit', which are common requests that may unintentionally invoke this skill outside its narrow purpose. In an agent skill system, overly broad activation can cause inappropriate routing, unexpected content transformations, or unwanted guidance for scraper/automation enablement in contexts the user did not intend.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill declares very broad trigger phrases such as 'improve SEO', 'machine-readable', and 'a11y audit', which can overlap with many ordinary web-development requests and cause the skill to activate outside its intended scope. Over-broad activation increases the chance the agent will fetch URLs, read files, or apply transformations in situations where the user did not explicitly request this skill’s behavior, creating avoidable security and privacy risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The design-spec workflow instructs the agent to generate a markdown file on disk ('agent-friendly-spec.md') without requiring prior user consent or clearly disclosing that a filesystem write will occur. Silent writes are dangerous because they can modify the user’s workspace unexpectedly, overwrite existing files, or create artifacts in sensitive repositories without the user’s awareness.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.