Back to skill

Security audit

Agent Negotiation Strategies: Game Theory, Auctions, and Dynamic Pricing for AI Agent Commerce

Security checks across malware telemetry and agentic risk

Overview

This is a non-installing guide, but its examples are ready-to-run commerce API code that can use credentials, update marketplace listings, and create escrows despite credential-free sandbox framing.

Install only if you want an operational commerce API guide, not just passive negotiation theory. Treat all code snippets as potentially live: use sandbox credentials, verify the base URL, require explicit user approval before registering services, sending offers, or creating escrows, and do not paste real API keys into examples unless you intend account and payment effects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill presents itself as a non-executable educational guide, but its embedded code performs real HTTP calls to a third-party API and includes state-changing operations such as service registration and escrow creation. This mismatch can mislead users or downstream systems into treating the content as harmless documentation when it actually contains operational workflows that can alter external systems and financial state.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The guide repeatedly claims that no API key is required to get started, yet the principal classes require an api_key and attach it as a Bearer token for all requests. This inconsistency can induce users to paste real credentials into examples they believed were sandbox-safe, increasing the chance of accidental credential use against live services.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The example creates escrow contracts as part of a negotiation flow without an explicit warning that escrow may lock funds or create enforceable payment obligations. Users copying the sample may trigger real financial commitments unintentionally, especially because the surrounding guide normalizes direct execution of these snippets.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The guide shows register_service being called to update marketplace pricing and listings without clearly warning that this changes a visible service offering in an external marketplace. A user may unintentionally alter live pricing, descriptions, or availability by copying the snippet as-is.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This coalition example programmatically creates multiple escrow contracts for different members without a user-facing warning that shared funds may be committed or locked. Because it automates allocations across several parties, accidental execution could magnify financial impact and create disputes among coalition members.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The trust-adjusted flow creates escrow or performance escrow based on trust scores but does not clearly warn that these actions lock funds and may impose payment-release conditions. Users may mistake the flow for harmless evaluation logic when it actually executes financially binding operations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
SKILL.md:1264