Realtor

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward apartment-rental search helper that browses public listing sites and does not request credentials, local data, persistence, or account-changing authority.

Install this if you want an agent to search the listed Odessa rental sites for matching apartments. Prefer invoking it explicitly with /rent, expect external websites to be opened, and verify listing details directly on the source sites before contacting anyone or making rental decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 93% confidence
Finding
The trigger phrases are broad conversational requests like "найди квартиру" ("find an apartment") and "что по аренде" ("what about rentals"), which can match normal user dialogue and unintentionally invoke this skill. That can cause the agent to begin external browsing and data collection without sufficiently explicit user intent, increasing the chance of unwanted third-party navigation and surprising behavior.

Missing User Warnings

Medium, 95% confidence
Finding
The skill explicitly instructs automated browsing across multiple third-party real-estate sites, but does not require informing the user that external sites will be opened and listing data will be collected. In context, this is more concerning because the skill chains multiple sources and pages, which can create hidden network activity, expose user context to external services, and violate user expectations around consent and transparency.

VirusTotal

66/66 vendors flagged this skill as clean.