X Alive

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed X/Twitter automation helper, but users should treat it as account-control software because it can post and engage publicly.

Install only if you want an agent to operate an X/Twitter account. Use a dedicated low-privilege X app/token if possible, keep the token file private, do not enable cron or scheduled posting until you have reviewed the exact actions, and require human approval for anything reputationally sensitive or irreversible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill description is broad enough to trigger in many routine X/Twitter-related contexts, including setup, automation, engagement, safety, and growth. That over-breadth increases the chance an agent invokes account-affecting behavior without a narrower scope, explicit approval gates, or clear preconditions.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill directs a recurring autonomous loop that checks X and may post or engage, but it does not present an upfront, prominent warning about automation, privacy exposure, platform-policy risk, or accidental account actions. In context, this is more dangerous because the skill is explicitly designed to operate a real social-media account and encourages irregular human-like behavior, which can lead to unintended posting, reputational harm, or policy violations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal