Back to skill

Security audit

Jrb Remote Site Api Skill Repo

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate WordPress administration skill, but it gives an agent broad site-changing power without enough safety boundaries.

Install only if you intend to let an agent administer WordPress sites. Use separate least-privilege tokens per site, keep tokens out of prompts and logs, and require explicit human confirmation before publishing, deleting, installing or updating plugins/themes, switching themes, uploading media, or accessing CRM/support customer data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill advertises powerful remote administrative actions such as plugin/theme installation, activation, deletion, and content CRUD without any warning about destructive impact, authorization expectations, or need for explicit user confirmation. In an agent context, this increases the risk of unsafe autonomous changes to a production WordPress site, including service disruption or compromise through untrusted plugin/theme installs.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation introduces a bearer-style API token and remote site targeting but omits basic security guidance on token handling, storage, scope, rotation, and the sensitivity of remote admin access. This can lead operators or downstream agents to expose the token in logs, prompts, screenshots, shell history, or insecure environments, enabling full remote control of the WordPress site.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.