Brand Hot-Topic Marketing Assistant (品牌热点营销助手)

Security checks across malware telemetry and agentic risk

Overview

This marketing skill is mostly coherent, but it asks users to paste a billable App-Key into chat and documents unclear API handling for that key.

Install only if you trust the Zeelin/Vane service and are comfortable with successful requests spending 100 credits. Prefer a revocable, low-scope key, avoid pasting reusable secrets into chat where transcripts may be retained, and verify the real production endpoint before sending credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Ssd 3 (Medium, 97% confidence)

Finding
The skill instructs the agent to ask users for an App-Key directly in chat and then replay that secret in API requests. Collecting reusable credentials in plain conversation increases the chance of accidental disclosure, logging exposure, prompt leakage, and cross-tool misuse; the risk is heightened because the key appears to control billable quota and account access.

Ssd 3 (Medium, 96% confidence)

Finding
The example dialogue normalizes a dangerous pattern: users pasting secret keys into chat and the agent operationalizing them. This trains both users and integrators to treat conversational channels as credential entry points, increasing the likelihood of key compromise through transcript retention, model exposure, support access, or downstream prompt injection.

VirusTotal

65/65 vendors flagged this skill as clean.
