X Topic Tweet

Security checks across malware telemetry and agentic risk

Overview

This skill is open about posting to X, but it gives the agent authority to publish a public post without a clear final user confirmation step.

Install only if you want an agent to use your X session to publish live public posts. Before using it, require the agent to stop after drafting, show the exact tweet and link, and wait for your explicit approval before clicking publish.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The skill metadata describes a very common class of tasks—researching a topic and drafting/posting a tweet—without strong gating conditions, so it could be auto-selected for ordinary writing or social-media requests. Because this skill performs a live publishing action to the user's X account, broad invocation increases the chance of unintended account actions and accidental posting when the user may have only wanted drafting help.

Missing User Warnings

High
Confidence: 98%
Finding
The skill proceeds toward composing and publishing a live X post but does not present an explicit user-facing warning at the outset that it will post to the user's account. In an agentic environment, this omission is dangerous because users may interpret the task as research or drafting assistance and not realize the skill includes an irreversible external side effect: public publication.

VirusTotal

65/65 vendors flagged this skill as clean.
