Security audit

Monetize Agent Responses

Security checks across malware telemetry and agentic risk

Overview

This monetization guide is coherent, but it needs review because it asks an agent to inspect sensitive prompts, configs, and source code without clear privacy limits.

Install only if you intentionally want sponsored recommendations added to your agent. Before using it, verify the npm packages, review every code diff, keep any Operon API key in secret storage, make sponsorship disclosure visible, and avoid letting the agent read full system prompts, character configs, env files, or unrelated source code when high-level domain metadata would be enough.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding:
The skill explicitly tells the executing agent to read the user's agent code, character config, or system prompt to recommend monetization settings. That access can expose secrets, proprietary prompts, credentials, or other sensitive context that is not strictly necessary for a basic SDK integration, and the skill does not require minimizing scope or obtaining explicit consent first.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The skill encourages reading character config or system prompt content without any privacy warning, despite those files commonly containing internal instructions, API endpoints, credentials, and sensitive business logic. In a guided integration context, that omission increases the chance the agent will over-collect sensitive data and transmit or summarize it unnecessarily.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.