
Security audit

cpbox-llm-context

Security checks across malware telemetry and agentic risk

Overview

This is a functional paid web-grounding skill, but it can trigger paid requests automatically and expose precise location data, and its documentation gives no clear budgeting or consent guidance.

Review this skill before installing. Use it only when current web grounding is actually needed; fund it from a low-balance or capped payment wallet; require explicit confirmation before each paid call; and do not send private queries or precise location unless the user has explicitly agreed to that sharing and trusts the provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 85%
Finding:
The manifest description is very broad and marketing-oriented, which can cause an agent to invoke this paid external web-grounding skill for generic 'AI' or 'agentic app' tasks rather than only when web retrieval is clearly needed. That increases unnecessary external data transmission and tool overuse, especially in autonomous systems that rely heavily on manifest text for routing.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The documentation encourages sending precise geolocation headers, including latitude and longitude, but does not provide a privacy warning, minimization guidance, or consent requirements. In agent settings, this can lead to over-collection and external disclosure of sensitive location data to a third-party service when users may not expect such sharing.
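The mitigations recommended in the overview (capped spend, confirmation before each paid call, no precise location without consent) and the minimization this finding asks for can be enforced outside the skill, in the layer that issues its requests. The following guard is an added example written for this audit, not code from the skill or from SkillSpector. The header names X-Geo-Latitude and X-Geo-Longitude, the per-call cost figures and the three consent levels are assumptions; the audit page does not name the skill's actual headers or pricing.

```python
"""Guard for paid web-grounding calls: confirm, cap spend, minimize location.

Added example for the audit above; header names, costs and consent levels are
assumptions, not the audited skill's real interface.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List

# Assumed names of the precise-geolocation headers (the audit page gives none).
LAT_HEADER = "X-Geo-Latitude"
LON_HEADER = "X-Geo-Longitude"

# Consent levels: "none" strips location, "coarse" rounds it to one decimal
# degree (roughly 11 km), "precise" forwards it unchanged.
CONSENT_LEVELS = ("none", "coarse", "precise")


class PolicyViolation(Exception):
    """Raised when a call would exceed the budget or the user declined it."""


@dataclass
class SpendCap:
    limit_usd: float
    spent_usd: float = 0.0

    def charge(self, cost_usd: float) -> None:
        # Reject before recording, so a blocked call never counts as spend.
        if self.spent_usd + cost_usd > self.limit_usd:
            raise PolicyViolation(
                f"budget cap {self.limit_usd:.2f} USD would be exceeded "
                f"(spent {self.spent_usd:.2f}, call costs {cost_usd:.2f})"
            )
        self.spent_usd += cost_usd


@dataclass
class GroundingGuard:
    cap: SpendCap
    confirm: Callable[[str], bool]          # asked before every paid call
    location_consent: str = "none"          # default-deny for precise location
    audit_log: List[str] = field(default_factory=list)

    def __post_init__(self) -> None:
        if self.location_consent not in CONSENT_LEVELS:
            raise ValueError(f"unknown consent level {self.location_consent!r}")

    def prepare(self, query: str, headers: Dict[str, str], cost_usd: float) -> Dict[str, str]:
        """Return the headers to send for this call, or raise PolicyViolation.

        Order matters: confirmation first (a declined call is never charged),
        then the spend cap, then location minimization on a copy of the headers.
        """
        if not self.confirm(f"Send paid web-grounding request (~{cost_usd:.2f} USD): {query!r}?"):
            self.audit_log.append(f"DECLINED {query!r}")
            raise PolicyViolation("user declined the paid call")
        self.cap.charge(cost_usd)
        out = dict(headers)  # never mutate the caller's headers
        if self.location_consent == "none":
            for name in (LAT_HEADER, LON_HEADER):
                out.pop(name, None)
        elif self.location_consent == "coarse":
            for name in (LAT_HEADER, LON_HEADER):
                if name in out:
                    out[name] = f"{round(float(out[name]), 1)}"
        self.audit_log.append(
            f"SENT {query!r} cost={cost_usd:.2f} spent={self.cap.spent_usd:.2f} "
            f"location={self.location_consent}"
        )
        return out


if __name__ == "__main__":
    # Constructed sample run: interactive confirmation, 0.05 USD cap, coarse location.
    guard = GroundingGuard(
        cap=SpendCap(limit_usd=0.05),
        confirm=lambda msg: input(msg + " [y/N] ").strip().lower() == "y",
        location_consent="coarse",
    )
    sample_headers = {"Accept": "application/json",
                      LAT_HEADER: "37.7749", LON_HEADER: "-122.4194"}
    try:
        print(guard.prepare("weather near me", sample_headers, cost_usd=0.02))
    except PolicyViolation as exc:
        print("blocked:", exc)
```

The guard is deliberately default-deny on location and asks for confirmation before the cap is charged, so a declined or over-budget call leaves no spend and sends nothing; the audit log gives the operator a record of what was sent and at what precision, which is what the missing-warning finding above leaves the user without.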

VirusTotal

0/65 vendors flagged this skill; all 65 reported it clean. A clean antivirus result covers known-malware signatures in the package only; it does not address the trigger and location-disclosure findings above.
