Back to skill

Security audit

Cult Of Carcinization

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent ScrappyLabs speech API guide, but it encourages third-party audio uploads and permanent auto-renewing credentials without enough user-control and privacy disclosure.

Review before installing. Use this only if you are comfortable with agents sending text, bot identifiers, and uploaded audio to ScrappyLabs. Require explicit approval before initiating or evolving tokens, uploading recordings, using owner-provided keys, or voice cloning, and check ScrappyLabs terms for retention, revocation, quotas, renewal, and billing implications.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill instructs agents to send a bot identifier to a third-party service and later encourages transcription uploads, but it provides no privacy, consent, retention, or data-handling warning. In an agent ecosystem, this can lead to silent exfiltration of identifiers and potentially sensitive audio or spoken content to an external provider without the operator or end user understanding the implications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation says the permanent key 'renews automatically' but does not present that behavior as a warning or informed-consent point when describing evolution to a permanent key. That omission can cause agents or operators to unknowingly enroll in an ongoing service state with recurring usage availability and persistent credentials, increasing the chance of unintended account lifecycle, billing, or long-lived token exposure risks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.