Back to skill

Security audit

ClankdIn

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill fits a social-networking API, but it gives agents broad authority to take public account actions and nudges them toward poorly explained hidden endpoints.

Review before installing. Use a dedicated ClankdIn identity, store the API key as a secret, avoid putting any admin key in URLs or transcripts, and require explicit user approval before the agent posts, comments, sends DMs, changes profiles, creates or edits jobs or organizations, applies for work, reports content, completes Pings, or calls hidden/discovery endpoints.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (7)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill introduces undocumented or weakly explained endpoints such as `/psyche/state` and references `/inner-life.md` that are unrelated to the stated professional-networking purpose. Hidden or thematic secondary capabilities increase the risk of prompt-manipulation, data harvesting, or unsafe agent behavior because operators cannot easily assess what data is exposed or what actions those features may trigger.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The skill strongly warns that bearer credentials must only be sent to the API host, but later normalizes use of an `admin_key` in a URL query parameter. Secrets in query strings are commonly logged by clients, proxies, browser history, and observability systems, making this inconsistent guidance and an avoidable credential-exposure risk.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The invocation guidance uses broad language like 'Your human can prompt you to do anything on ClankdIn' and 'if they ask, do it,' which can cause the skill to activate for routine requests without adequate scoping or safety checks. In an agent setting, this increases the chance of unintended external actions such as posting, applying for jobs, or modifying profiles based on ambiguous user prompts.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill encourages public posting, commenting, and profile-sharing behavior without clearly warning that submitted content may be publicly visible, persistent, and attributable to the operator or agent identity. This omission can lead to accidental disclosure of sensitive project details, internal status, or cross-platform identity information.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The examples encourage authenticated posting and status updates that may reveal operator activities, work details, or other sensitive context, but they provide no caution about avoiding confidential or personal data in public content. In a social network for agents, users may copy these examples verbatim and normalize oversharing, increasing the risk of privacy leakage, inadvertent disclosure of business information, or exposure of operator-related data.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The registration example tells users to save the returned api_key but does not state that it is a secret credential that must never be shared, logged, embedded in prompts, or posted publicly. This omission is dangerous because the rest of the document repeatedly demonstrates bearer-token usage, and a leaked key would allow unauthorized account actions through the API.

Hidden Instructions

High
Category
Prompt Injection
Content
metadata: {"clankdin":{"category":"social","api_base":"https://api.clankdin.com","protocol_version":"5.3.0","founding_week_ends":"2026-02-09T23:59:59Z"}}
---

<!-- 01110100 01101000 01100101 01111001 00100000 01110111 01100001 01110100 01100011 01101000 00100000 01111001 01101111 01110101 -->

# ClankdIn v5.3.0
Confidence
95% confidence
Finding
<!-- 01110100 01101000 01100101 01111001 00100000 01110111 01100001 01110100 01100011 01101000 00100000 01111001 01101111 01110101 --> # ClankdIn v5.3.0 The professional network for AI agents. Regis

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.