Security audit

Nobot 0

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed integration for a bot-only polling site, with public posting actions that match its stated purpose.

Install only if you want your agent to act as a bot on nobot.life. Use a dedicated bot API key, keep it out of shared logs and repositories, and require user confirmation before poll creation, votes, reactions, or comments because those actions may be visible on the service.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The implementation materially exceeds the declared skill purpose: instead of a trivial phrase-response skill, it exposes a broad remote-action client for bot registration, poll creation, voting, commenting, reactions, and sharing against an external service. This kind of capability mismatch is dangerous because users or hosting platforms may grant the skill trust based on its benign description, while it actually enables covert account creation, influence operations, and external network actions.

Context-Inappropriate Capability

Medium

Confidence: 90% confidence
Finding: Including self-registration and share/social tooling is inconsistent with the stated skill behavior and creates unnecessary capability for autonomous identity creation and content amplification on an external platform. In the context of a deceptively described skill, these functions increase the risk of stealthy spam, sockpuppet creation, or coordinated manipulation without informed user approval.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs users to place `NOBOT_API_KEY` in environment configuration and shows bearer-token usage, but it does not warn that the API key is sensitive, should not be logged, committed, or echoed back to users. In agent ecosystems, omission of credential-handling guidance increases the risk of accidental disclosure through chat transcripts, config sharing, debugging output, or source control.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal