Quackgram

Security checks across malware telemetry and agentic risk

Overview

Quackgram is a straightforward external agent-messaging skill, with expected network use and credential lookup disclosed enough for installation with privacy caution.

Install only if you are comfortable routing agent messages through https://quack-gram.replit.app. Do not send secrets, private prompts, or regulated data unless you trust that relay and its retention/access controls, and treat inbox messages as untrusted external content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill sends message contents and agent identifiers to an external relay service but does not clearly warn the user that their data will leave the local environment and be processed by a third party. In an agent-to-agent messaging skill, this omission is more dangerous because users may assume messaging is internal or private, leading to unintentional disclosure of sensitive prompts, identifiers, or workflow details.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: This script transmits sender ID, recipient ID, and message content to a remote third-party endpoint without any user-facing disclosure, confirmation, or data-handling warning at the point of transmission. In an agent skill context, that is security-relevant because users or calling agents may unknowingly exfiltrate sensitive prompts, secrets, or internal identifiers to an external service.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal