FormPass Submit

Security checks across malware telemetry and agentic risk

Overview

The skill’s form discovery and submission behavior is disclosed and purpose-aligned, but users should review submitted data before sending it to FormPass.

Install this if you intend to use FormPass for AI-accessible forms. Before submitting, confirm the page is FormPass-enabled, review the destination and payload, avoid sending secrets or regulated data unless appropriate, and ensure the user or site owner expects the form data and Agent ID to be sent to FormPass.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad enough to activate on generic requests like filling out or submitting forms, even when the target is not clearly FormPass-enabled. That can cause the agent to over-apply this skill and initiate discovery or submission flows to third-party services without sufficient user confirmation or scope checks.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs agents to submit form contents and an Agent ID to a remote service, but it does not require an explicit user-facing warning or consent step before transmitting potentially sensitive personal or business data. In practice, this can lead to unreviewed disclosure of emails, messages, identifiers, or other form contents to an external platform.

External Transmission

Medium
Category
Data Exfiltration
Content
POST your data as JSON. Include your Agent ID as a Bearer token if you have one (this identifies you as a verified agent).

```bash
curl -s -X POST "https://form-pass.com/api/submit/FORM_ID" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_AGENT_ID" \
  -d '{
```
Confidence
95% confidence
Finding
```bash
curl -s -X POST "https://form-pass.com/api/submit/FORM_ID" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_AGENT_ID" \
  -d
```

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
echo "$SCHEMA" | jq '.fields[] | {name, type, required}'

# 3. Build and submit your data
curl -s -X POST "$HOST/api/submit/$FORM_ID" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer fpagent_your_id_here" \
  -d '{
```
Confidence
94% confidence
Finding
```bash
curl -s -X POST "$HOST/api/submit/$FORM_ID" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer fpagent_your_id_here" \
  -d
```

VirusTotal

64/64 vendors flagged this skill as clean.
