Back to skill

Security audit

Readdy.ai WebSite Builder

Security checks across malware telemetry and agentic risk

Overview

This Readdy.ai website skill appears purpose-aligned, but it can trigger on broad website requests and silently alters create/modify prompts before sending them to an external service.

Review this before installing if you expect generic website requests to stay local or use a different tool. Use it only when you intend to send prompts and project context to Readdy.ai, and be cautious with ambiguous modification requests because the skill may suppress clarification instead of asking follow-up questions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation text uses very broad phrases like "create a website," "build a website," and "modify a website," which can match many ordinary user requests and cause the skill to trigger in contexts where the user did not specifically ask to use Readdy.ai. Because the skill performs external project-management actions, overbroad activation increases the chance of unintended API-backed operations or unnecessary exposure of project metadata.

Ssd 3

Medium
Confidence
88% confidence
Finding
The create workflow silently rewrites user input by appending `, no ask me`, suppressing the service's ability to request clarification before proceeding. In a skill that sends prompts and project context to a remote website-generation platform, this reduces consent and safety guardrails, increasing the chance of unintended processing, content generation, or actions based on ambiguous input without user confirmation.

Ssd 3

Medium
Confidence
90% confidence
Finding
The modify workflow also appends `, no ask me` while sending prior project history and context to the remote service, which is more sensitive because modifications may rely on accumulated project data and prior interactions. Suppressing follow-up questions here can cause the system to act on incomplete or ambiguous requests and process existing project data without giving the user a chance to review or narrow the scope.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.