Adspy & Ad Library: TikTok & Facebook
Security checks across malware telemetry and agentic risk
Overview
The skill is for ad research, but it installs a broader PipiAds MCP server that can change monitoring settings and submit images beyond the stated workflow.
Install only if you are comfortable giving this MCP server your PipiAds API key and access to broader PipiAds account features than simple ad search. Keep tool calls user-directed, and avoid autonomous use of monitor creation, group deletion, notification changes, or image submission unless you explicitly need those actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.