AI Content Publisher

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill openly helps publish blog posts to public platforms, but users should confirm content and account targets before running its live publishing commands.

Install this only if you want an agent to help publish content publicly. Review the final article, tags, canonical URL, destination platforms, and selected account before any publish or batch step, and prefer draft mode or an explicit confirmation gate when possible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill provides ready-to-run publishing commands that will immediately transmit article content to third-party platforms and make posts publicly visible, but it does not warn the user about the live external side effects. In an agent setting, this increases the risk of unintended publication, accidental data disclosure, and irreversible public posting because the examples look like routine formatting steps rather than externally impactful actions.

External Transmission

Medium

Category: Data Exfiltration
Content: ### 4. Publish to Dev.to (API) ```bash curl -X POST https://dev.to/api/articles \ -H "api-key: $DEVTO_API_KEY" \ -H "Content-Type: application/json" \ -d '{
Confidence: 91% confidence
Finding: curl -X POST https://dev.to/api/articles \ -H "api-key: $DEVTO_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "article": { "title": "TITLE", "body_markdown": "CONTENT",

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal