Back to skill

Security audit

daily-news-english-cards

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises, but it should be run in an isolated environment because it uses paid external APIs and can install Python packages.

Install and run this in a virtual environment, review dependencies before allowing runtime pip installation, and use dedicated low-privilege API keys with spending limits. Avoid putting sensitive personal or proprietary text into requests, since generated prompts and news-derived content are sent to external providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
missing.append(pkg)
    if missing:
        print(f"[setup] Installing missing packages: {', '.join(missing)}")
        subprocess.check_call(
            [sys.executable, "-m", "pip", "install", "-q"] + missing
        )
Confidence
93% confidence
Finding
subprocess.check_call( [sys.executable, "-m", "pip", "install", "-q"] + missing )

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrase is overly broad and can cause the skill to activate for loosely related requests, increasing the chance of unintended execution. In this skill, unintended execution could lead to external API calls, consumption of paid credits, and local file creation without the user clearly requesting those actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs use of third-party APIs and local output generation but does not clearly warn that user content, prompts, and fetched news data may be sent to external providers and that image and JSON files will be written to disk. This lack of transparency can lead to privacy, compliance, and cost issues because users may unknowingly transmit data off-platform and incur charges.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.