Security audit

Native Typeform

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it reads Typeform data from the official API, but users should treat response output as potentially sensitive.

Install only if you are comfortable giving the agent read access to your Typeform forms, responses, insights, and account profile. Use the narrowest Typeform token scopes available, keep TYPEFORM_TOKEN out of source control and logs, and avoid retrieving or sharing raw responses unless you are authorized to handle that respondent data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill is designed to retrieve Typeform forms and responses, which commonly contain personally identifiable information, free-text submissions, and other sensitive survey data. Because the documentation does not warn users about handling sensitive respondent information, operators may over-share outputs, use overly broad tokens, or expose response contents in logs and downstream tools.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The responses command retrieves end-user survey answers and prints them directly to stdout, which can expose sensitive personal or confidential data in logs, terminal history, agent transcripts, or downstream tooling. In an agent skill context, stdout is often captured and propagated, making raw response dumping more dangerous than a local-only script.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal