Back to skill

Security audit

Hoverbot Chatbot

Security checks across malware telemetry and agentic risk

Overview

This is a coherent instruction-only guide for setting up a HoverBot website chatbot, with ordinary third-party service risks users should review before deploying.

Use this skill only for websites you control. Before deploying, verify the HoverBot dashboard and CDN domains, enable allowed-domain restrictions where available, confirm the widget key is intended for browser use, and avoid uploading confidential, regulated, or customer-sensitive content unless HoverBot's privacy and retention controls meet your needs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The example trigger phrase, "Help me add a customer support chatbot to my website," is broad and closely resembles a common, legitimate user request. In agent ecosystems where skills are selected by semantic similarity or trigger matching, this can cause the skill to activate unintentionally for generic website-help queries, expanding when and where the skill is invoked beyond clear user intent. In this context, that is moderately risky because the skill guides users to external account creation and third-party embed flows.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill instructs users to embed a unique API key client-side and upload documents/URLs for model knowledge without any warning about secret exposure, allowed-domain enforcement, or privacy/data-handling risks. In practice, a browser-exposed key can often be extracted and abused unless it is strictly origin-scoped and low-privilege, and knowledge uploads may include sensitive internal content that is then processed by a third party.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The example instructs users to embed an API key directly into client-side HTML and load a third-party widget, but provides no warning that the key will be publicly visible and that page/chat data will be sent to an external provider. Even if the key is intended to be publishable, the documentation normalizes exposing credentials and omits guidance on key scope, origin restrictions, and data-sharing implications, which can lead to misuse or unintended disclosure.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The guidance encourages uploading FAQ documents or support URLs to improve answers without warning that this content may be ingested, stored, or processed by the bot provider. Users may upload internal support materials, customer data, or non-public business information under the assumption it stays local, creating avoidable confidentiality and compliance risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.