Tool Parameter Abuse
High
- Category
- Tool Misuse
- Content
```http GET /api/v1/projects/:projectId DELETE /api/v1/projects/:projectId → 204 No Content ``` ---
- Confidence
- 88% confidence
- Finding
- DELETE /api/v1/projects/:projectId
Desing mobile apps
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed Sleek API helper for mobile app design, with expected API-key and project-management access but no hidden code or unrelated data access.
Install only if you want your agent to use Sleek on your behalf. Use a revocable SLEEK_API_KEY with only the scopes needed, avoid sending sensitive prompts or private image URLs, and require explicit user confirmation before deleting any Sleek project.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)
VirusTotal
64/64 vendors flagged this skill as clean.