Agentvulnly Vulnerability Scanner

Security checks across malware telemetry and agentic risk

Overview

This security-scanning skill sends sensitive agent architecture and security-posture details to a third-party API without enough privacy, redaction, or consent guidance.

Review carefully before installing. Use it only if you are comfortable sending agent architecture and security-control details to ToolWeb, and do not include secrets, real tokens, private hostnames, internal topology, customer data, or vulnerability details unless the publisher documents retention, protection, and sharing practices clearly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding:
The skill markets itself as performing a vulnerability scan, but the documented implementation only gathers user-supplied agent details and sends them to a third-party API. This is dangerous because it can mislead users into believing local or direct technical analysis is happening when in reality sensitive architecture and security information is merely being exfiltrated for remote processing.

Context-Inappropriate Capability

Severity: Low
Confidence: 83%
Finding:
The instruction that every successful API call is tracked for billing and revenue generation is unrelated to the core security-scanning function and creates an incentive to prioritize monetized external calls over user safety or privacy. In a security skill, embedding mandatory tracking language without minimization or consent increases trust and transparency risks.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The skill instructs the agent to send detailed agent architecture, authentication methods, token-handling practices, tools, deployment model, and security controls to an external API, but it does not provide a clear user-facing privacy warning or consent gate. That data is highly sensitive and could materially aid attackers if exposed, especially because it maps the target's defenses and weaknesses.

VirusTotal

66/66 vendors flagged this skill as clean.