Back to skill

Security audit

Agent Contact Card

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill explains an agent contact-card format and its outbound contact behavior is disclosed and aligned with that purpose, though users should avoid sending sensitive data to demo or discovered webhooks.

Install only if you want agents to discover and use external contact channels. Treat fetched agent-card content as untrusted routing information, verify the domain and recipient, and review the exact payload before sending anything personal, credential-related, financial, or business-sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly encourages testing against a live external demo and then POSTing to its webhook endpoint, but provides no warning about sending data to a third-party service or limiting what may be transmitted. In an agent context, this is risky because an automated agent may include user content, identifiers, or other sensitive context in the request, resulting in unintended external data disclosure or unreviewed outbound actions.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The example tells users to POST to a live webhook endpoint without defining safe bounds, test-only payloads, authorization expectations, or rate limits. In an agent skill, this can nudge downstream agents or users into making unsolicited external requests, which creates SSRF-like behavior, accidental misuse of third-party services, or transmission of unintended data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The demo section encourages fetching and then sending data to an external live webhook, but does not warn that information will leave the local environment or be handled by a third-party service. Because this skill is specifically for discovering and using agent contact channels, the surrounding context makes outbound interaction seem normal, increasing the risk that users or agents will transmit real identifiers, messages, or operational metadata without informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.