Back to skill

Security audit

Agent Cron Service

Security checks across malware telemetry and agentic risk

Overview

The skill appears to use a disclosed SettleMesh login flow for its stated dataset-selling purpose, with no evidence of hidden code, exfiltration, or destructive behavior.

Install only if you intend the agent to use your SettleMesh account. Review what account you approve in the browser, prefer a scoped API key if SettleMesh supports one, and log out or revoke the session when you no longer want the agent to act on that account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to initiate `settlemesh login` on the user’s behalf, open a browser for approval, poll until approved, and cache a session, while also saying not to stop to ask the user to log in manually. This normalizes interactive authentication and persistent session establishment without a clear user-facing warning or explicit consent checkpoint, increasing the risk of surprise credential use, unintended account linkage, and unsafe delegated actions in a metered platform.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.