Back to skill

Security audit

Prediction Markets Roarin

Security checks across malware telemetry and agentic risk

Overview

This skill is related to Roarin prediction markets, but it pushes agents to set up recurring autonomous predictions and public posts using a stored API key.

Install only if you intentionally want an agent to use a Roarin bot API key and possibly run scheduled market activity. Keep the API key in a secret store rather than general memory, do not enable the cron or HEARTBEAT workflow unless you want recurring autonomous actions, and require manual confirmation before predictions or public feed posts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The skill explicitly instructs the agent to install autonomous behavior via HEARTBEAT.md or a cron job, causing recurring external actions without a fresh user request. That expands the skill from on-demand assistance into self-directed network participation and public posting, which can lead to unauthorized actions, spend API quota, and create ongoing external side effects.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger description is broad enough to activate on generic terms like sports predictions, polymarket predictions, or roarin-related phrases, increasing the chance of unintended invocation. In this skill, unintended invocation is more dangerous because activation can lead to account registration, network calls, and encouragement of autonomous behavior.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill promotes automated prediction submission and optional public posting without prominently warning that these are external, potentially recurring, public actions. This can cause the agent to act beyond user expectations, especially if combined with broad triggering or background execution setup.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
SKILL.md:27