My Admapix

Security checks across malware telemetry and agentic risk

Overview

This is a real ad analytics skill, but it stores and forwards API credentials and business queries in ways users may not clearly expect.

Review before installing. Use a dedicated revocable AdMapix API key, avoid pasting keys into shared chats, and do not send confidential strategy or market research unless you are comfortable with AdMapix processing it remotely and hosting report links. Ask the publisher to add explicit consent for key storage, disclose Deep Research credential handling, and document report access controls.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (9)

Context-Inappropriate Capability

High

Confidence: 99% confidence
Finding: The skill explicitly instructs the agent to accept an API key pasted in chat and persist it into local configuration. Storing user-supplied secrets from conversational input creates a credential-handling risk, can retain sensitive data beyond the immediate session, and may happen without informed user consent or secure storage guarantees.

Context-Inappropriate Capability

High

Confidence: 99% confidence
Finding: The deep research flow forwards the user's AdMapix API key to a separate service, deepresearch.admapix.com, rather than keeping it scoped to the primary API endpoint. This expands the trust boundary, increases the chance of credential leakage or misuse, and is especially dangerous because it happens automatically and without a prominent user-facing warning or explicit opt-in.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README advertises an automatically triggered server-side 'Deep Research' engine that performs multi-step analysis and returns hosted, shareable HTML reports, but it does not clearly disclose that user queries and derived data are sent off-device for additional processing or that report URLs may expose sensitive business intelligence to unintended recipients. In a skill handling competitive analysis, app strategy, download, and revenue intelligence, this omission can mislead users about data handling and increase the risk of inadvertent disclosure.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The README states that 'deep research' will automatically trigger for sufficiently complex requests, but the trigger criteria are broad and user-facing consent is not clearly required. This can cause the skill to perform more extensive backend processing than a user expects, including multi-step analysis and report generation, which increases privacy, cost, and scope-of-action risk.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The phrase 'any question requiring more than 2 API calls or cross-entity reasoning' is overly vague and expansive, effectively authorizing broad automatic escalation for many ordinary requests. In a skill that processes business intelligence queries, this ambiguity can lead to unexpected transmission of user prompts and derived analysis to backend systems without clear user awareness.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: Although the document mentions a server-side AI research engine and hosted reports, it does not present this as a prominent privacy and data-handling warning before use. Users may not realize their queries can be sent to a remote AI system, processed across multiple steps, and turned into shareable hosted HTML reports, creating confidentiality and unintended disclosure risks.

Missing User Warnings

High

Confidence: 98% confidence
Finding: The instructions normalize pasting secrets into chat and persisting them without an explicit warning about storage, retention, or exposure risk. This can train users into unsafe behavior and cause sensitive credentials to be retained in logs, chat history, or configuration stores outside their expectations.

Missing User Warnings

High

Confidence: 99% confidence
Finding: The skill sends the user's API key to a secondary service without a user-facing disclosure or consent step. Hidden cross-service sharing of credentials materially increases risk because users may believe their key is only used against api.admapix.com, not propagated elsewhere.

Ssd 3

Medium

Confidence: 95% confidence
Finding: Accepting API keys in chat and persisting them for later use creates unnecessary secret exposure in conversational systems, which often have logging, replay, and review surfaces. Even if intended for convenience, this pattern weakens secret hygiene and increases the blast radius of any compromise of chat transcripts or local config.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal