Sellapp Autolist

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended to create SellApp products, but it can make authenticated public storefront changes without clear confirmation or safer defaults.

Install only if you are comfortable letting the skill use your SellApp API key to create public products. Prefer testing with a non-production account or edited private/draft visibility, and require the agent to show the exact product data and get explicit approval before running the creation script.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill documentation states that it creates products and sets visibility to PUBLIC while using a stored SellApp API key, but it does not present a clear user-facing warning about these side effects. This can lead users to run the skill without understanding that it will perform authenticated marketplace actions and publish listings, increasing the risk of unintended account changes and reputational or business harm.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The script performs authenticated write operations that create publicly visible products without any interactive confirmation, dry-run mode, or secondary safeguard. In an agent or automation context, this can cause unintended storefront changes, reputational damage, or unauthorized listings if the script is triggered accidentally or with modified product data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal