Back to skill

Security audit

Snapshot to API

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser optimization skill that can use your logged-in browser session to call page APIs, so it is acceptable but should be used deliberately.

Install only if you want the agent to inspect network-backed data sources for pages you are authorized to access. Avoid using it on banking, admin, account, or personal-data-heavy pages unless you explicitly intend that access, and redact tokens, tenant IDs, personal data, or session-specific parameters before saving discovered API notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The invocation guidance includes broad phrases like "find the API," "make this faster," and "browser optimization," which can match many ordinary user requests and cause the skill to activate in situations where API discovery was not intended. Because the skill then pivots from visible UI interaction to hidden backend endpoints, overbroad triggering increases the chance of unexpected access to sensitive data sources.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to enumerate resource URLs from a live authenticated page and then fetch candidate APIs directly, while only briefly saying to ignore analytics and user-info URLs. It does not provide meaningful safeguards around session-bound endpoints, personal data, tokens, account details, or internal APIs, so it can easily retrieve sensitive data that is accessible only because the browser session is authenticated.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.