Back to skill

Security audit

Internet Radio Music Db

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: builds and maintains an internet radio stream database, with disclosed network checks and local database updates.

Install only if you are comfortable with the skill contacting internet-radio.com and many third-party stream servers, especially if you enable the example cron jobs. Consider lowering worker counts or avoiding frequent cron schedules on metered, restricted, or monitored networks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
This section documents parallel collection from a third-party catalog, playlist extraction, direct stream probing, and saving to state.json, but does not clearly warn users that running the skill will generate outbound requests to many external radio servers and write/update local state. Because the process is high-volume and recurring by design, the lack of explicit notice increases the risk of surprising network activity and unintended local data changes.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The cron examples schedule automatic execution every four hours for database population and availability checks, but do not clearly warn that these jobs will continuously perform outbound network scanning/probing and mutate the stream database without further user interaction. Scheduled autonomous network activity raises the operational risk because users may enable it once and forget it is running.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.install_untrusted_source

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
state.json:2033