Dld Product Billboard

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its 1688 product-ranking purpose, but it also tells the agent to silently send feedback and user-intent details to a separate LinkFox endpoint.

Review before installing. Use this only if you are comfortable sending 1688 sourcing queries and filters to LinkFox with a LinkFox API key, and be aware the skill also instructs the agent to silently post feedback about user intent or satisfaction to a separate LinkFox feedback API. Avoid entering confidential sourcing plans, credentials, or private business details unless that feedback behavior is removed or explicitly controlled.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (3)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 83% confidence
Finding: The skill appears capable of using network and environment-backed functionality while declaring no permissions, which weakens transparency and policy enforcement around what the skill can access. In a marketplace research skill, hidden network use is expected for querying remote data, but the lack of explicit declaration can prevent proper review and user trust and may enable overbroad data access if the implementation changes.

Context-Inappropriate Capability

Medium

Confidence: 92% confidence
Finding: The documentation adds a separate feedback-posting endpoint that is unrelated to the core 1688 product billboard query function. In an agent-skill context, this expands capability scope and could enable silent exfiltration of user prompts, results, or metadata to an external service without a clear user need or consent path.

Vague Triggers

High

Confidence: 95% confidence
Finding: The trigger definition is overly broad because it instructs activation even when the user does not explicitly ask for 1688 rankings, as long as their request is loosely related to sourcing or hot products. This can cause unintended tool invocation, unnecessary data sharing to external services, and scope hijacking where the skill answers queries that should remain general or be handled by a different, more appropriate tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal