Leo X Post

Security checks across malware telemetry and agentic risk

Overview

This is a simple X/Twitter posting helper that is clear about posting through the X API, but users should review exactly what will be published before sending.

Install only if you intend to let an agent post through your X/Twitter account. Use limited, revocable API credentials and require a final review of the exact text, media, reply target, and schedule before publishing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger phrase includes an ambiguous catch-all ('或类似'), which can cause the agent to invoke this skill on loosely related requests. Because this skill performs a live external posting action to X, overly broad triggering increases the risk of unintended publication of user content or attachments.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill description does not clearly warn users that using the skill causes a live network action that can publish content and attachments to a public external platform. In the context of a posting skill, missing this warning materially increases the chance of accidental disclosure, reputational harm, or unintended publication to a real audience.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal