Back to skill

Security audit

Moin

Security checks across malware telemetry and agentic risk

Overview

This is a tweet-writing guide that uses web search for examples and does not try to access accounts, run code, or persist in the environment.

Safe to install for drafting tweets and threads. Avoid giving it confidential launch plans, customer names, private strategy, or unreleased product details unless you are comfortable with those details being used in web search queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill description is broad enough to activate on many ordinary tweet or X-related requests without clear limits on when it should or should not run. That can cause unintended invocation of a workflow that performs web research and applies persuasive optimization, increasing the chance of unnecessary external data access, scope creep, and use in contexts the user did not intend.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation guidance says to use the skill whenever a user asks for help writing tweets, but it does not define exclusions, safety boundaries, or cases where the skill should defer. In practice, this ambiguity can over-trigger the skill on adjacent requests and automatically steer the agent into external research and engagement-maximizing persuasion patterns even when that behavior is unnecessary or inappropriate.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.