LINE OpenAPI Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed LINE Messaging API helper with high-impact message and webhook operations, but they are purpose-aligned and not hidden.

Install only if you want an agent to operate a LINE Messaging API channel. Use a token limited to the intended bot, confirm recipients/message text before sends, confirm current and proposed webhook URLs before changes or tests, and prefer a pinned or reviewed local schema for production use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The curated skill exposes webhook endpoint read/update and webhook test operations, which go beyond simple messaging and enable reconfiguration of where LINE events are delivered. In an agent skill context, this expands the blast radius from sending messages to changing integration infrastructure, which could redirect webhook traffic or be abused for unauthorized outbound requests.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The schema enables outbound messaging and webhook changes but contains no user-facing warning or consent mechanism indicating that data will be sent to LINE services or that webhook configuration may be modified. In agent-driven workflows, that omission increases the risk of unintended data disclosure, unauthorized messaging, or silent configuration drift caused by prompt confusion or misuse.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal