RSS Reader

Security checks across malware telemetry and agentic risk

Overview

This is a normal RSS reader skill, but it fetches and displays untrusted feed content that users should review like any web content.

Install this only if you want your agent to fetch RSS/Atom feeds. Review configured feed URLs, prefer trusted HTTPS feeds, avoid localhost or private-network feed URLs, treat feed item text as untrusted content rather than instructions, and enable cron or heartbeat checks only if you want ongoing background polling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill prominently describes monitoring arbitrary RSS/Atom feeds without warning that using it will initiate outbound network requests to external URLs. In an agent context, this can enable unreviewed contact with attacker-controlled endpoints, causing privacy leakage, unwanted network activity, and possible interaction with internal or sensitive URLs if inputs are not constrained.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal