news-for-ai

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AI-news fetching skill with ordinary network scraping behavior and some dependency hygiene concerns, but no hidden local data access, persistence, or destructive behavior.

Install in a virtual environment and consider pinning or locking the Python dependencies before production use. Be aware that search terms and fetched article requests go to AIBase domains. The reviewed artifacts do not show local data collection, credential use, persistence, or destructive actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger text includes broad natural-language examples such as general requests for new AI developments, which can cause the skill to activate on loosely related queries beyond a narrowly defined scope. Over-broad invocation increases the chance of unintended network calls, data exposure to external services, or routing users into this skill when another safer or more appropriate tool should handle the request.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.28.0
beautifulsoup4>=4.11.0
urllib3>=1.26.0
Confidence
94% confidence
Finding
requests>=2.28.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.28.0
beautifulsoup4>=4.11.0
urllib3>=1.26.0
Confidence
89% confidence
Finding
beautifulsoup4>=4.11.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.28.0
beautifulsoup4>=4.11.0
urllib3>=1.26.0
Confidence
95% confidence
Finding
urllib3>=1.26.0

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
97% confidence
Finding
requests

Known Vulnerable Dependency: urllib3 — 10 advisory(ies): CVE-2025-66471 (urllib3 streaming API improperly handles highly compressed data); CVE-2024-37891 (urllib3's Proxy-Authorization request header isn't stripped during cross-origin ); CVE-2026-21441 (Decompression-bomb safeguards bypassed when following HTTP redirects (streaming ) +7 more

High
Category
Supply Chain
Confidence
97% confidence
Finding
urllib3

VirusTotal

66/66 vendors flagged this skill as clean.
