Back to skill

Security audit

IPinfo

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward IP geolocation helper that uses ipinfo.io and does not show hidden execution, persistence, or unrelated data access.

Install only if you are comfortable sending lookup targets to ipinfo.io. Avoid submitting sensitive internal, personal, or regulated IP datasets without approval, and prefer configuring IPINFO_TOKEN through the dashboard or environment rather than pasting real tokens into URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill sends user-supplied IP addresses to the external ipinfo.io service, but the description does not clearly warn users that this is a third-party disclosure. IP addresses can be sensitive personal or organizational data, and silent transmission to an external provider can create privacy, compliance, and operational exposure.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The 'Current IP' example encourages querying ipinfo.io/json without warning that doing so reveals the user's own public network address to an external service. This is more sensitive than looking up a third-party IP because it directly discloses the caller's network identity and metadata to a remote provider.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.