Criticaster

Security checks across malware telemetry and agentic risk

Overview

The skill is mainly a normal product-review lookup integration, but its request/upvote flows send a user email to Criticaster and allow autonomous email-code retrieval without a clear consent boundary.

Install only if you are comfortable using Criticaster as a third-party product recommendation source. For searches and browsing, the skill appears routine. For product requests or upvotes, require the agent to ask before sending your email address, and retrieve any email verification code yourself unless you have explicitly authorized mailbox access for that exact action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill directs the agent to submit product requests and upvotes using the user's email address, but it does not explicitly require informing the user that their email will be sent to a third-party service. That creates a privacy and consent gap: an agent could disclose personal contact information externally without clear, informed user approval.

Missing User Warnings

Severity: High
Confidence: 98%
Finding: The skill explicitly states that the agent may autonomously retrieve a 6-digit verification code from email if it has inbox access. This encourages access to the user's mailbox and use of security-sensitive verification tokens without an explicit, per-action consent boundary, which can violate user expectations and expose broader private mailbox contents.

VirusTotal

66/66 vendors flagged this skill as clean.
