cpbox-spellcheck
Security checks across malware telemetry and agentic risk
Overview
This is a narrow spellcheck skill, but it uses an automatic pay-per-use payment flow without clear cost limits or per-call approval controls.
Install only if you understand the x402 payment setup and can control spending outside this skill. Avoid sending sensitive text to the hosted spellcheck endpoint unless you trust the provider, and prefer pinned or reviewed setup instructions for any payment helper you run.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
59/59 vendors flagged this skill as clean.