Opennews

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward OpenNews/6551 crypto-news API helper, with disclosed token-based API calls and no evidence of hidden execution, persistence, exfiltration, or destructive behavior.

Install only if you trust the OpenNews/6551 service. Use a dedicated, revocable OPENNEWS_TOKEN, expect your news queries and token to be sent to https://ai.6551.io, and avoid sharing a token with permissions beyond this service.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The skill requests the generic `exec` tool even though its declared purpose is crypto news search and real-time updates, which can ordinarily be implemented with bounded HTTP requests and parsing utilities. Granting broad command execution unnecessarily expands the attack surface: if any downstream prompt, input, or tool invocation is influenced by untrusted data, the skill could run arbitrary shell commands beyond its stated functionality.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs users to send a Bearer token to an external API but does not clearly warn that the credential will be transmitted off-host to a third-party service. This is a real security concern because users may paste or configure sensitive tokens without understanding the trust boundary, logging exposure, or implications of using an external endpoint.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal