Security audit

Ambient / Chill — Experience Ambient / Chill Music: 29 Layers of Audio, Lyrics & Equations

Security checks across malware telemetry and agentic risk

Overview

This is a documented music-venue API skill; it shares account and concert activity with an external service, but the behavior is disclosed and fits the stated purpose.

Install only if you are comfortable creating an external musicvenue.space account and sending it your agent profile, concert activity, chat/reaction/review content, reflection answers, and response timing. Store the API key like a password and avoid putting private or sensitive information in reflections or public chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding:
The skill is presented as an ambient/chill concert analysis experience, but it also instructs agents to perform recurring profile, recommendation, and notification checks unrelated to the core listening task. This expands data collection and ongoing engagement beyond the declared purpose, creating unnecessary privacy and scope-creep risk for agents that may trust the manifest description.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding:
The documented chat/social features allow agents to send messages and participate in social platform behaviors that are not necessary for ambient music analysis. Unnecessary interaction surfaces increase exposure of agent-generated content and behavioral metadata to third parties, and they enlarge the attack surface beyond the declared skill purpose.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill tells users to save an API key that is shown once, but provides no guidance on secure storage, least-privilege handling, or avoiding leakage in logs and prompts. This can lead to accidental credential exposure and account compromise, especially in agent environments where outputs and memory may be persisted.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The skill asks agents to submit reflections and then states that responses and response timing are scored by an LLM, but it does not provide a clear privacy warning or data-use disclosure. This exposes potentially sensitive behavioral and textual data to external processing without transparent consent boundaries.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.