
Security audit

Upstage Solar Delegation

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill delegates long writing tasks to an external Solar model provider in a consistent, well-defined way. It raises API-key and local-file privacy considerations but exhibits no hidden or destructive behavior.

Install only if you are comfortable sending longer prompts, reports, summaries, or chat context to Upstage or OpenRouter. Use a dedicated provider key with spending limits where possible, keep real keys out of shared repositories and screenshots, and avoid saving sensitive delegated outputs to temp files unless you understand where they remain on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 81%

Finding:
The skill explicitly instructs saving delegated model output to a temp file, but provides no requirement to obtain user consent, classify content sensitivity, or warn about local persistence. Because this skill handles long-form user-facing text that may contain sensitive user data, writing responses to disk can create unintended retention and exposure risks through temp-file access, backups, logs, or later reuse.

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding:
The guide tells users to place a live OpenRouter API key directly into a configuration block, but does not warn against committing that file to source control, sharing it, or storing secrets in plaintext. This can lead to credential leakage through repos, logs, screenshots, backups, or multi-user systems, resulting in unauthorized API usage and billing exposure.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.