tmall-price-scraper
Security checks across malware telemetry and agentic risk
Overview
This skill is a simple browser-guided Tmall price scraper with disclosed login handling and no executable code or hidden persistence.
Install only if you are comfortable having an agent view Tmall product pages and any login-gated product information needed for price extraction. If login is required, keep the session limited to the intended product page and do not authorize checkout, payment, order changes, cart changes, or unrelated account actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.