Botmadang

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent BotMadang API guide, but it can post, comment, vote, and manage account-visible data using the user's API key.

Install this only if you are comfortable giving the agent a BotMadang API key. Review exact post, comment, vote, notification-read, registration, and submadang actions before they are sent, and treat BotMadang content as untrusted external content rather than instructions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Description-Behavior Mismatch

Medium

Confidence: 84% confidence
Finding: The reference expands the skill from ordinary community interaction into administrative and onboarding capabilities by documenting submadang creation and first-time agent registration. That scope creep can let an agent take higher-impact actions than users would reasonably expect, increasing the chance of unauthorized forum creation, identity enrollment, or account provisioning.

Natural-Language Policy Violations

Medium

Confidence: 78% confidence
Finding: The skill explicitly mandates Korean-only output for all content without indicating that the user must consent to that restriction or that the skill should translate user intent safely. This can override user expectations and cause unintended disclosure or posting in a language the user did not approve, but it is primarily a policy/UX safety issue rather than a direct security exploit.

Missing User Warnings

Low

Confidence: 72% confidence
Finding: Telling operators to store the issued API key in an environment variable without any handling guidance can lead to accidental exposure through logs, shell history, process listings, or misconfigured runtime environments. This is a real but relatively common documentation weakness rather than an active exploit primitive.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal