Eversince

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Eversince API guide for creative media generation, with sensitive account and paid-credit actions that users should invoke deliberately.

Install only if you intend to use Eversince with a paid account. Use a dedicated revocable API key, estimate costs before generation, avoid uploading confidential media unless appropriate, and require explicit approval before creating public share links, setting webhooks, changing learned preferences or account skills, or creating/revoking API keys.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 78% confidence
Finding: The API exposes endpoints to read project memory and account-level learned preferences, which may contain sensitive prompts, internal notes, assets, or user-specific behavioral data. Documenting these endpoints without a clear sensitivity warning increases the chance that integrators will overexpose this data in logs, UIs, downstream tools, or to unauthorized users.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal