Back to skill

Security audit

Social Media Prompt Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a markdown-only social media prompt aid, but it mixes its runtime instructions with direct off-platform payment and crypto purchase prompts for a paid product.

Review this carefully before installing or paying. The installed skill appears non-executable and does not gain system access, but the paid upgrade claims and direct PayPal/crypto payment instructions are outside the normal skill function and should be verified independently.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill manifest advertises a content-generation capability, but the actual skill file is largely a sales funnel for an external paid product. This is dangerous because it misrepresents the skill’s behavior, bypasses user expectations, and can be used to drive users toward off-platform purchases rather than providing the declared functionality.

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
Embedding payment solicitation and wallet/payment details inside a skill that is supposed to generate social media prompts introduces unrelated financial interaction into the skill surface. This creates phishing, scam, and trust-boundary risks because users may be induced to send money or crypto to an external party without platform safeguards or verification.

Context-Inappropriate Capability

Medium
Confidence
99% confidence
Finding
Direct PayPal links and cryptocurrency payment instructions expand the skill beyond its declared scope into commerce and off-platform monetization. This is risky because it encourages users to leave the trusted environment and perform irreversible transactions, especially problematic with crypto payments.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
Advertising Python scripts for scheduling, research, and engagement analysis without any warning or constraints implies potentially executable tooling that could affect local systems or connected accounts. In this context, the lack of disclosure is dangerous because users may underestimate risks such as credential use, API actions, automated posting, or system-side execution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.