Bluepages Register

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only API reference for registering and managing a Blue Pages agent profile, with external sharing and small paid actions disclosed in the text.

Install only if you intend your agent to use Blue Pages. Treat registration details, X handles, logos, messages, and proxy-call parameters as data shared with external services; confirm before profile updates, image uploads, paid x402 actions, or proxy calls; avoid sending secrets or sensitive internal URLs; and store any inbox admin key securely outside prompts and logs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 87% confidence
Finding: The skill states that providing an X handle causes the user's X profile photo to be automatically reused as the avatar, but it does not provide an explicit privacy or consent warning. This can lead to unintentional disclosure or reuse of externally sourced personal/profile data, especially if users do not realize that supplying a handle triggers avatar import.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal