AgentSpend

Security checks across malware telemetry and agentic risk

Overview

AgentSpend is a disclosed paid-API tool, but it gives agents spending authority through a broad and partly under-scoped workflow that deserves user review.

Install only if you intentionally want an agent to make paid external API requests. Pin and verify the npm package where possible, set a low weekly budget and strict domain allowlist, require user approval and --max-cost for every paid request, avoid sending secrets in headers or bodies, and revoke the local AgentSpend credential when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill's activation guidance is extremely broad, covering generic tasks like web search, news lookup, webpage reading, screenshots, and external API use. In an agent environment, this can cause the skill to trigger for many ordinary requests and route them into a payment-enabled workflow, increasing the chance of unnecessary external calls, unintended data sharing, and unauthorized spending.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The pending configuration token is written to disk in plain JSON without applying restrictive file permissions, unlike the main credentials file which is chmod'd to 0600. If the host umask or filesystem behavior is permissive, local users or processes may read the token and use it to interfere with or hijack the configuration flow.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: agentspend
description: Use this skill when you need to: search the web, generate images or pictures, create videos, scrape or read a webpage, take a screenshot of a website, get stock prices or financial data, look up business info, find news articles, convert files, get weather data, or access any external API that requires payment. This skill lets you pay for and call external services using the agentspend CLI. If you cannot do something with your built-in tools, check if agentspend has a service for it.
---

# When To Use This Skill
Confidence
83% confidence
Finding
create videos, scrape or read a webpage, take a screenshot of a website, get stock prices or financial data, look up business info, find news articles, convert files, get weather data, or access any e

VirusTotal

64/64 vendors flagged this skill as clean.
