
Security audit

web-test-reporter

Security checks across malware telemetry and agentic risk

Overview

This web testing skill is coherent, but it can use login credentials, change application data, export information, and save sensitive details into reports without enough safeguards.

Install only if you will use it on systems you are authorized to test, preferably staging or test environments. Use disposable low-privilege test accounts, confirm each submit/delete/export action before running it, and remove passwords and sensitive screenshots from generated reports before sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 85%
Finding
The activation conditions are broad enough that the skill could trigger for common requests about checking, verifying, or testing a web page, causing the agent to initiate invasive testing behavior unexpectedly. In this context, unintended activation matters because the skill is designed to navigate sites, attempt logins, perform CRUD operations, and export data, all of which can have side effects on real systems.

Missing User Warnings

High
Confidence: 97%
Finding
The skill explicitly asks for tenant, username, and password to log into target systems but provides no safeguards for secrets handling, storage minimization, masking, or preference for safer authentication mechanisms. This is dangerous because the same skill also captures screenshots and generates reports, increasing the risk that credentials or authenticated sensitive data are exposed, retained, or mishandled during testing.

Missing User Warnings

Medium
Confidence: 98%
Finding
The script embeds a plaintext admin username and password directly into the generated report content. This can leak reusable credentials into source control, report artifacts, screenshots, shared folders, or customer deliverables, increasing the chance of unauthorized access if those credentials are valid anywhere.

Ssd 3

Medium
Confidence: 99%
Finding
The template is designed to copy plaintext admin credentials into generated .docx reports, which materially increases exposure because reports are often broadly shared and retained. In the context of a web-test-reporting skill, this is more dangerous because the skill’s normal workflow produces artifacts intended for distribution, making accidental credential disclosure likely.

VirusTotal

66/66 vendors flagged this skill as clean.
