Security audit

GroupMe

Security checks across malware telemetry and agentic risk

Overview

This is a coherent GroupMe channel plugin that needs expected chat and token access, with privacy and credential handling considerations clearly worth reviewing.

Before installing, make sure group participants understand that recent messages may be buffered for context even when the bot only responds on mention. Use SecretRefs for the GroupMe access token and callback token in production, keep the callback URL secret, expose only the GroupMe webhook path, and set historyLimit: 0 if passive buffering is not acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The README explicitly states that when mention-only mode is enabled, the plugin passively buffers recent group messages so it can provide context later, but it does not pair that behavior with a clear privacy warning to group participants or administrators. In a group-chat integration, silent retention of non-addressed messages can create privacy, consent, and compliance risks because users may assume messages not directed at the bot are not being stored or processed.

VirusTotal

62/62 vendors flagged this plugin as clean.