Bitly

Security checks across malware telemetry and agentic risk

Overview

This Bitly skill appears purpose-aligned, but it includes delete and broad write-capable API actions without clear safety checks, so it should be reviewed before use.

Install only if you are comfortable granting the agent meaningful control over your Bitly account. Use least-privilege Bitly credentials where possible, prefer read-only lookups unless you explicitly request a change, and require the agent to confirm the exact Bitlink, method, endpoint, and payload before any delete or non-GET proxy request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documents a permanent delete action for Bitlinks without any guidance to require explicit user confirmation, explain irreversibility, or verify target identity before execution. In an agent setting, this increases the chance of accidental destructive operations from ambiguous prompts or mistaken automation.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The proxy-request section enables arbitrary Bitly API calls, including POST, PATCH, PUT, and DELETE, but does not warn about data-changing or destructive effects or advise confirmation before use. Because this bypasses curated actions, it broadens the attack surface and makes unintended state changes easier if an agent follows vague or adversarial instructions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal