Security audit

challanx

Security checks across malware telemetry and agentic risk

Overview

This is a coherent ChallanX API integration, but users should understand that submitted URLs, text, images, and API-key-authenticated requests go to ChallanX.

Install only if you trust ChallanX with the URLs, messages, images, and vehicle or document details you choose to submit. Store CHALLANX_API_KEY as a runtime secret, do not hardcode it, and avoid sending private signed links, internal URLs, secrets, or highly sensitive documents unless that disclosure is intended.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 89% confidence
Finding: The skill is presented as an API utility for lookups and media downloads, but the content also describes OpenClaw hook behavior that injects reference files into agent context and modifies agent documentation/instruction context. Hidden context injection changes model behavior outside the user-declared purpose, which can influence downstream decisions, obscure provenance of instructions, and expand the trust boundary beyond a simple API wrapper.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: Accepting arbitrary URLs, free-text, or images creates an overly broad activation surface for a skill that sends data to an external service and may download content. This increases the chance of accidental triggering on sensitive user data, unsafe remote fetches, or use in contexts unrelated to the intended RTO/challan/media workflow.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The description does not warn users that supplied URLs, messages, and images may be transmitted to an external API and that media may be downloaded. That omission can lead to unintentional disclosure of sensitive content, privacy violations, and unsafe handling of untrusted remote files because users are not given informed consent cues.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The examples instruct users to POST arbitrary user-supplied URLs to a third-party remote API, but they provide no warning that submitted links and related metadata will be transmitted off-platform. In a skill that accepts URLs, free text, and images for lookups and downloads, this omission can expose sensitive user content, private URLs, or internal resources to an external service without informed consent.

VirusTotal

36/36 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.