Back to skill

Security audit

Fanvue

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a legitimate Fanvue integration, but it enables sensitive account actions like mass subscriber messaging and spender-based targeting without enough disclosed safeguards.

Install only if you intend to let an agent operate your Fanvue account. Treat subscriber lists, spender analytics, earnings, and signed media URLs as sensitive, and require manual review before any personalized or mass messages are sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill demonstrates access to environment variables and extensive network operations, but it does not declare permissions or warn users about those capabilities. This creates a transparency and consent problem because an agent could access OAuth secrets and perform outbound actions without an explicit permission boundary.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly documents AI-agent workflows for personalized and mass messaging to subscribers, but it does not warn about consent, spam, platform-policy, or reputational risks. In this context, omission of those warnings is dangerous because it normalizes automated outreach against real user accounts and subscriber populations.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill encourages retrieval of subscriber lists, top spenders, earnings, and signed media URLs without accompanying privacy and data-handling warnings. Because these are sensitive creator and subscriber data elements, the absence of guidance increases the risk of overcollection, misuse, or unsafe downstream sharing by an agent.

External Transmission

Medium
Category
Data Exfiltration
Content
const { data: topSpenders } = await vips.json();

// Send personalized message with media
await fetch('https://api.fanvue.com/chat-messages', {
  method: 'POST',
  headers,
  body: JSON.stringify({
Confidence
87% confidence
Finding
fetch('https://api.fanvue.com/chat-messages', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
});

// Or send to multiple subscribers at once
await fetch('https://api.fanvue.com/chat-messages/mass', {
  method: 'POST',
  headers,
  body: JSON.stringify({
Confidence
93% confidence
Finding
fetch('https://api.fanvue.com/chat-messages/mass', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
// Step 2: Get signed URLs for a specific media item
const media = await fetch(
  `https://api.fanvue.com/media/${uuid}?variants=main,thumbnail,blurred`, 
  { headers }
);
const { variants } = await media.json();
Confidence
78% confidence
Finding
https://api.fanvue.com/

External Transmission

Medium
Category
Data Exfiltration
Content
const { data: subscribers } = await subs.json();

// Get top spenders for VIP targeting
const vips = await fetch('https://api.fanvue.com/insights/get-top-spenders', { headers });
const { data: topSpenders } = await vips.json();

// Send personalized message with media
Confidence
82% confidence
Finding
https://api.fanvue.com/

External Transmission

Medium
Category
Data Exfiltration
Content
const { data: topSpenders } = await vips.json();

// Send personalized message with media
await fetch('https://api.fanvue.com/chat-messages', {
  method: 'POST',
  headers,
  body: JSON.stringify({
Confidence
87% confidence
Finding
https://api.fanvue.com/

External Transmission

Medium
Category
Data Exfiltration
Content
});

// Or send to multiple subscribers at once
await fetch('https://api.fanvue.com/chat-messages/mass', {
  method: 'POST',
  headers,
  body: JSON.stringify({
Confidence
93% confidence
Finding
https://api.fanvue.com/

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
examples/auth.ts:151

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
examples/auth.ts:37