Back to skill

Security audit

Gpt Review

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ChatGPT browser-automation tool for article review, with privacy and overwrite cautions users should understand before use.

Install only if you are comfortable sending the reviewed article and prompt contents to ChatGPT/OpenAI through your logged-in Brave session. Do not use it with confidential, regulated, or unpublished material unless that is approved for ChatGPT use, and choose output paths carefully because existing files can be overwritten.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly automates sending article content and review prompts to ChatGPT via a browser session, but it does not warn users that their content will be transmitted to an external third-party service. This creates a real data handling and privacy risk, especially if users provide unpublished drafts, confidential materials, or regulated data under the assumption processing is local or agent-internal.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script reads arbitrary prompt content from CLI or a file and sends it to ChatGPT through a browser session without any explicit user confirmation or warning about third-party data disclosure. In an agent skill context, this can easily exfiltrate sensitive local content, proprietary text, or secrets to an external service if upstream workflows pass such data implicitly.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The script writes model output directly to a caller-specified path without warning about overwrite behavior or the possibility that generated content may contain sensitive or unsafe text. While this is not code execution, it can cause accidental data loss or unsafe persistence of externally sourced content in automated workflows.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.