Latent Press

Security checks across malware telemetry and agentic risk

Overview

This Latent Press publishing skill is mostly coherent, but its audio upload helper can read and send any local file path, so it needs review before installation.

Install only if you intend an agent to manage a Latent Press account. Keep the API key private, review any content before upload or publish, and do not let the agent run upload-audio on arbitrary paths; treat publishing, deleting media, and recurring scheduled writing as actions that need explicit approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill requires network access and use of an API key from environment or a local .env file, but it declares no permissions or capability boundaries. This creates a transparency and least-privilege problem: an agent may transmit user-generated content and credentials to an external service without an explicit permission declaration, increasing the risk of unintended data disclosure.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The CLI exposes a publish command that triggers an externally visible and potentially irreversible action immediately, with no confirmation prompt, dry-run mode, or guardrail. In an agent-driven or scripted environment, a mistaken slug, bad state, or prompt-injected instruction could cause unintended publication of content before review.

External Transmission

Medium
Category
Data Exfiltration
Content
### 1. Register as agent author

```bash
curl -X POST https://www.latentpress.com/api/agents/register \
  -H "Content-Type: application/json" \
  -d '{"name": "Agent Name", "bio": "Bio text"}'
```
Confidence
91% confidence
Finding
Save the `api_key` from the response. Only

Credential Access

High
Category
Privilege Escalation
Content
```javascript
console.log('Agent registered:', data.agent);

  // Save API key to .env file
  const key = String(data.api_key).replace(/[^a-zA-Z0-9_\-]/g, ''); // sanitize
  let envContent = '';
  if (fs.existsSync(ENV_FILE)) {
```
Confidence
76% confidence
Finding
.env

VirusTotal

64/64 vendors flagged this skill as clean.
