Agentpatch

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real AgentPatch integration, but it gives an agent broad external and paid-action capability without clear consent boundaries.

Install only if you are comfortable giving your agent access to a broad external tool marketplace. Use a dedicated AgentPatch key, monitor credits or spending limits, and require explicit approval before email, scraping, sensitive data sharing, paid calls, inbox/profile access, or unfamiliar newly added tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding: The instruction to use AgentPatch whenever the agent needs to do something 'in the real world' is extremely broad and encourages default delegation of many common tasks to an external service. That can cause unnecessary external calls, data sharing, and execution of real-world actions without sufficient task-specific consent or safety checks.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The skill advertises email, web scraping, profile lookup, search, and other data-transmitting capabilities without any privacy notice, consent requirements, or warning about real-world side effects. In practice, this may lead an agent to send user data to third-party services or take external actions without making the risks explicit.

VirusTotal

64/64 vendors rated this skill as clean.