Back to skill

Security audit

Socialcannon

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward SocialCannon API guide for managing social media accounts and posts, with no evidence of hidden or unrelated behavior.

Install only if you intend to let an agent manage real social media accounts through SocialCannon. Treat publish, reply, delete, disconnect, repurpose post mode, and unscheduled A/B test creation as live external actions; review exact account, platform, content, timing, and deletion effects before allowing those calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documents an account-disconnect endpoint that severs OAuth-linked social accounts but does not advise the agent to obtain explicit user confirmation or warn about service disruption. In an agent setting, this can lead to unintended revocation of publishing capability across external platforms from a single API call.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The post deletion endpoint notes that published posts may also be deleted from the external social platform, but it does not present this as a high-visibility warning or require confirmation guidance. This creates a real risk of accidental live-content removal, which can cause business, reputational, or audit impact.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
Replying to an engagement causes a public response to be posted on the underlying social platform, yet the skill lacks an explicit privacy and user-impact warning. An autonomous or inattentive agent could therefore publish unintended public statements under the user's brand identity.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The repurpose endpoint's post mode can transform content and immediately publish it to multiple platforms in one request, but the documentation does not foreground that this is a live multi-platform action. In agent workflows, this amplifies the blast radius of mistakes because a single misfire can publish AI-modified content broadly and instantly.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
A/B test creation may publish multiple variants immediately when scheduledAt is omitted, but the skill does not emphasize this as a live-action risk. Because each variant becomes a separate external post, accidental execution can spam audiences, damage brand reputation, and create cleanup burden across platforms.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
SKILL.md:135