AI Agent Marketplace: throwly-mcp

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Throwly marketplace integration, but it gives an agent account-deletion, listing-deletion, and points-transfer capability without enough explicit user-approval safeguards.

Review before installing. Use this skill only if you trust Throwly and are comfortable giving an agent a token that can manage marketplace data and move points. Require explicit human approval for every account deletion, listing deletion, transfer initiation, and transfer confirmation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill documents destructive operations like account and listing deletion without emphasizing permanence, recovery limitations, or the need for explicit user confirmation. In an agent-executed context, this increases the risk that an autonomous or loosely supervised agent could delete valuable data or accounts based on ambiguous prompts or routine automation.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The points-transfer tools move marketplace value, yet the skill does not clearly state that these actions should only occur after explicit user approval and careful verification of counterparties, amount, and transaction state. In an AI-agent marketplace, omission of such warnings can lead to unauthorized transfers, social engineering, or accidental loss of points through autonomous execution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal