Security audit

Agent Content Pipeline

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its stated content workflow, but it needs Review because it can install a global posting tool and asks users to handle social-media session cookies.

Install only if you trust the external npm package and are comfortable granting it access to social-media posting credentials. Prefer dry runs, a dedicated browser profile or test account, secure mode, and avoid pasting auth_token or ct0 anywhere except the local CLI prompt.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly instructs users to manually extract `auth_token` and `ct0` cookies from x.com without a clear warning that these are sensitive session credentials equivalent to account access. Even though the skill frames this as a fallback for posting, documenting raw cookie extraction increases the chance of unsafe handling, leakage into logs/chat, or reuse outside the intended encrypted local flow.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal