Agent Ads

Security checks across malware telemetry and agentic risk

Overview

This is a clearly described paid lead-generation service, but it asks for payment authority and XMTP group-add permissions with under-specified controls.

Review before installing. Use a dedicated XMTP group and limited-balance wallet, avoid granting broader group permissions than needed, require manual review for each x402 payment or delivery claim, and confirm Basemate's billing limits, cancellation behavior, privacy notice, retention policy, and participant opt-out process before funding the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 85%
Finding:
The documented trigger phrases are broad enough that an agent or user could accidentally initiate a paid subscription workflow from ordinary conversation. Because the skill later collects billing-relevant parameters and supports confirmation via simple replies like 'yes' or 'confirm', weak initiation boundaries increase the risk of unintended enrollment or social-engineered purchases.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The skill describes broad monitoring of 15,000+ XMTP users and later explains intent matching with GPT analysis, but it does not surface a prominent privacy warning up front for affected participants. This can mislead operators and users about the extent of message analysis, reducing meaningful informed consent and creating privacy, compliance, and trust risks.

VirusTotal

VirusTotal findings are pending for this skill version.