Back to skill

Security audit

AI DeepNews

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it fetches public AI news, translates it to Chinese, and writes a local digest.

Before installing, expect the skill to download Python packages, contact multiple public RSS sources, send fetched article titles and summaries to Google Translate, and store a local digest/cache. Treat generated article text and links as untrusted news content, especially if using the digest in an agent workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill states it uses Google Translate without clearly warning users that fetched content will be sent to a third-party translation service. Even if the content is public RSS data, summaries or transformed text may still be transmitted externally, creating privacy, compliance, and data-handling concerns for users who may assume the workflow is fully local.

Natural-Language Policy Violations

Medium
Confidence
88% confidence
Finding
The skill advertises automatic translation to Chinese as a default behavior without offering user choice or consent. Defaulting to external translation can unexpectedly transmit content off-device and may also reduce user control over language, which is especially problematic in enterprise or privacy-sensitive environments.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill sends article titles and summaries to `googletrans`, which relies on an external network translation service, but the code and description do not clearly disclose that third-party transmission occurs. This creates a privacy and data-governance risk because fetched content may include proprietary, licensed, or sensitive text that is exfiltrated outside the local environment without user awareness or consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.