Back to skill

Security audit

Neckr0ik Socialposter

Security checks across malware telemetry and agentic risk

Overview

This social media automation skill is coherent but needs review because it can post, schedule, and auto-reply from connected accounts without enough safeguards or implementation transparency.

Review before installing. Use test or low-risk accounts first, do not enter production social-media tokens unless you can verify the missing implementation and package source, and require manual review for every post, scheduled campaign, and auto-reply rule. Prefer scoped tokens, secure secret storage, and a clear way to list, pause, delete, and revoke all scheduled or automatic activity.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The skill description is broad enough that an agent may invoke it in many ordinary social-media-related contexts without clearly signaling that it can perform real external actions such as posting or replying on the user's behalf. In an automation skill tied to live social accounts, ambiguous invocation increases the chance of unintended account activity, reputational harm, or accidental disclosure through posts.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation promotes automated posting, scheduling, analytics, and replying across external platforms but does not warn that these actions may affect public accounts, expose private business workflows, or process third-party engagement data. In this context, missing warnings make accidental or uninformed use more likely, especially when actions are public and potentially irreversible.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
Auto-reply is presented as a simple convenience feature without warning that it can send automated public responses under the user's identity, potentially at scale and based on broad keyword matches. That can cause reputational damage, spam-like behavior, disclosure of inappropriate canned responses, or platform policy violations if configured carelessly.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The credential setup examples show direct entry of API keys, secrets, and access tokens without any guidance on secure storage, shell history exposure, access controls, or secret rotation. Users may copy sensitive credentials into insecure environments or logs, leading to account takeover and abuse of connected social media integrations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.