Botpenguin

Security checks across malware telemetry and agentic risk

Overview

This BotPenguin skill appears legitimate, but it can send WhatsApp messages and change lead/contact data without clear confirmation safeguards.

Install only if you intend to let an agent operate inside your BotPenguin account. Before any send, import, update, or proxy request, require confirmation of the exact workspace, recipients, message text, contact list, and affected records; use the least-privileged BotPenguin/Membrane connection available.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 75% confidence
Finding: The skill advertises data-modifying and outbound messaging actions without requiring confirmation, authorization checks, or caution about real-world effects on customer data and external recipients. In an agent setting, this increases the risk of unintended contact imports, lead modifications, or messages being sent to real users based on ambiguous prompts or model mistakes.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal