Back to skill

Security audit

Competitor Watch Pro

Security checks across malware telemetry and agentic risk

Overview

This competitor-monitoring skill has a plausible purpose, but it needs review because it under-discloses a third-party ngrok API, API-key/payment expectations, and recurring monitoring scope.

Install only if you are comfortable sending competitor names, URLs, and lookup requests to the listed external ngrok API. Before using it for real business targets, ask the publisher to document who operates the API, whether an API key or paid credits are required, what data is retained, and how recurring monitoring can be confirmed, limited, and stopped.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill directs agents to send company names and lookup requests to an external ngrok-hosted API without prominently warning users that their competitor research inputs will leave the local agent environment. Because competitor lists, monitoring targets, and business intelligence queries may be commercially sensitive, this creates an avoidable data disclosure risk, heightened by the use of a transient-looking third-party endpoint.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The package description promises broad, automatic competitor monitoring across websites and social channels without stating user-scoped triggers, source restrictions, rate limits, or compliance boundaries. In an agent skill, this can enable unattended surveillance-like behavior, aggressive collection, or policy-violating monitoring if downstream components interpret the description literally.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.