Back to skill

Security audit

"dataify-twitter-profile-by-profileurl"

Security checks across malware telemetry and agentic risk

Overview

This skill transparently builds Dataify curl requests for x.com scraping tools, with the main caution being careful handling of the Dataify API token.

Install only if you intend to use Dataify's scraper builder for x.com data. Treat DATAIFY_API_TOKEN as a secret, prefer a credential manager or session-scoped environment variable on shared machines, and review the generated curl command before running it because it will authenticate to scraperapi.dataify.com and submit the provided spider parameters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill instructs the agent to read environment variables, read local files, and generate shell commands, but it does not declare those capabilities or warn about their security implications. This weakens transparency and reviewability, making it easier for a user or platform to approve a skill without realizing it can access secrets and prepare commands that operate on the host environment.

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
The skill claims to be scoped to the twitter_profile_by-profileurl scraper family, but it offers other tools including different scraper types. Scope drift is dangerous because users may authorize or trust the skill for one narrowly described purpose while it can prepare requests for broader data collection targets than advertised.

Intent-Code Divergence

Medium
Confidence
82% confidence
Finding
The documented scope and later operational instructions contradict each other by directing use of multiple tool identifiers beyond the stated root. In a security review context, these inconsistencies increase the chance of unauthorized or unintended data collection because the real behavior is broader than the advertised behavior.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill tells users to persistently store an API token in shell profile files and user environment settings without warning about exposure through local file compromise, backups, shared accounts, terminal history, or downstream tooling. Persisting long-lived secrets in broadly loaded startup files increases the blast radius if the workstation or profile files are later accessed by other processes or users.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill directs creation of an authenticated POST request to an external service using user-provided values and a bearer token, but it does not clearly disclose that data and credentials will be transmitted off-system. That omission undermines informed consent and could cause users to send sensitive URLs, identifiers, or other collected parameters to a third party unexpectedly.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to persist a bearer API token in shell startup files and the Windows user environment without warning about credential sensitivity, profile file exposure, shell history, backups, or shared-device risks. This can increase the chance of token disclosure to other local users, support personnel, backup systems, or malware that reads user profile files and environment settings.

External Transmission

Medium
Category
Data Exfiltration
Content
---
name: "dataify-twitter-profile-by-profileurl"
description: "Prepare Dataify builder requests for the x.com scraper family rooted at twitter_profile_by-profileurl. Use  when needs to work with the successful Dataify scraper detail entry for twitter_profile_by-profileurl, let the user choose one of its available tools, read saved getToolParams options, and generate a scraperapi.dataify.com/builder curl request with DATAIFY_API_TOKEN."
---

# Dataify Builder Skill
Confidence
88% confidence
Finding
curl request with DATAIFY_API_TOKEN." --- # Dataify Builder Skill Use this skill to prepare Dataify builder requests for the scraper family rooted at `twitter_profile_by-profileurl` on `x.com`. ##

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.