Back to skill

Security audit

dataify-router

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed router for Dataify web research and scraping workflows, with no executable code or hidden persistence found.

Before installing, users should be comfortable with a broad Dataify routing skill that may invoke search, web unlocking, structured scraping, or asynchronous Builder workflows using a DATAIFY_API_TOKEN. Review the planned source coverage, scope, and cost drivers before confirming high-volume or asynchronous runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is intentionally broad and outcome-based, which can cause the router to trigger for many loosely related requests without clear boundaries. In an agent system, this increases the chance of overbroad tool selection, unintended data collection, or invoking more powerful downstream scraping capabilities than the user actually needed.

Natural-Language Policy Violations

Low
Confidence
84% confidence
Finding
Treating the phrase “直接执行” as sufficient confirmation is unsafe because it assumes language-specific intent without first establishing the user's preferred language or confirming that the phrase was used knowingly in that context. This can lead to accidental execution of higher-cost or higher-impact actions, especially for high-volume or asynchronous jobs.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The default invocation prompt is broadly phrased and encourages the agent to 'choose and run' a Dataify workflow based only on a general user request, without visible constraints on scope, approval, or capability boundaries. In a router skill, this increases the chance of over-matching ordinary requests and triggering downstream web research, scraping, monitoring, or other external actions the user did not explicitly and narrowly authorize.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.