Chatgpt Apps

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent ChatGPT Apps builder; its shell, deployment, auth, and database guidance is expected for that purpose, though users should review secrets and public deployment settings carefully.

Install only if you want an agent to help create and deploy ChatGPT Apps. Before using deployment, confirm auth is enabled where needed, keep service-role keys server-side, review generated tools for destructive actions, verify database user isolation/RLS, and avoid deploying prototypes until endpoints and widgets have been reviewed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The deployment section instructs users to deploy the app to Render, verify public URLs, and configure a ChatGPT connector, but it does not explicitly warn that this makes the service internet-reachable and potentially exposes unfinished tools, widgets, or MCP endpoints. In a skill that automates end-to-end app creation and deployment, omission of this warning can cause users to publish insecure-by-default prototypes or test environments before reviewing authentication, secrets handling, access controls, and data exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal