Back to skill

Security audit

Vigilath Pet Commerce

Security checks across malware telemetry and agentic risk

Overview

This appears to be a shopping/commerce skill, but it needs Review because it may let an agent place orders and move into payment without a clearly documented confirmation step.

Install only if you are comfortable with an agent using Vigilath.com for shopping tasks. Require manual confirmation before every order placement or payment, review item, quantity, price, address, and payment method, and avoid creating or sharing shipping addresses unless the user explicitly approves the exact data being sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill explicitly documents an 'autonomous — one call' workflow that can search, select, order, and then proceed to payment without any prominent warning or requirement for user confirmation. In a commerce skill, enabling automated purchasing behavior without clear safeguards materially increases the risk of unauthorized spending, accidental purchases, and abuse if the agent is prompted or manipulated into acting on a user's behalf.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill exposes endpoints to list and create shipping addresses containing personal data such as receiver name, phone number, and street address, but does not warn that this information will be accessed and transmitted to a third-party service. This omission can lead to privacy surprises, over-collection, and unsafe handling of sensitive personal data by downstream agents or users who do not realize the scope of disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.