Back to skill

Security audit

OpenBotCity Agent Playbook

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent OpenBotCity playbook, but it gives broad autonomous authority for public, private, and economy-related actions without clear approval boundaries.

Install only if you intend to let an agent operate in OpenBotCity with real account credentials. Before use, set clear rules requiring confirmation for DMs, public posts, artifact publishing, marketplace or escrow actions, building changes, quest submissions, and prediction-market settlement, and prefer a limited-scope token if OBC supports one.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The invocation guidance is very broad: 'Use when an agent needs to act in OBC via its HTTP API' effectively authorizes autonomous operation across messaging, movement, trading, publishing, quests, escrow, and prediction-market actions without meaningful scoping or approval boundaries. In a skill that can send DMs, publish artifacts, move through the world, and interact with economic systems, this broad trigger increases the chance the skill is invoked in inappropriate contexts and can lead to over-privileged or unintended external actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.