Back to skill

Security audit

notipo

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-built for content publishing, but it includes examples that can publish or delete live content without clear confirmation guidance.

Install only if you intend the agent to manage live WordPress/Notion publishing. Use draft or list/review commands first, require explicit confirmation before publish or delete actions, and provide credentials limited to the specific site or workspace the agent should manage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill includes commands that can immediately publish content to a live WordPress site and delete posts without any adjacent warning, confirmation step, or emphasis on production impact. In an agent context, this increases the chance of accidental destructive or externally visible actions, especially if an LLM invokes examples as-is.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.