Back to skill

Security audit

social-auto-tool-builder-1.1.0

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about building social-media auto-reply tools, but it gives generated tools ongoing logged-in account authority without enough containment guidance.

Review carefully before installing. Use only on accounts and content you control, keep dry-run as the default, inspect any generated build scripts before running them, isolate the browser profile used for saved login sessions, set very small reply limits, and require manual approval before live sends. Be aware that automated social-platform replies can trigger account restrictions or send unintended public messages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly guides users through real automated reply sending, EXE packaging, and repeated operation against social platforms, but it does not include any warning about platform ToS violations, account suspension risk, accidental spam, privacy exposure, or the consequences of automating actions under a persisted logged-in session. In this context, the omission is security-relevant because the workflow moves from dry-run to real sending and encourages operational deployment, increasing the chance of misuse or unintended account-impacting behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.