Back to skill

Security audit

SEO Optimizer Pro

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate SEO tool, but its privacy documentation contradicts itself about whether user content is sent to outside AI providers.

Review before installing if you will analyze confidential, regulated, proprietary, or customer content. Treat the actual behavior as external AI-provider processing: excerpts of your content are sent to the model provider selected by the model name, using your API key and that provider's retention and privacy rules. The publisher should correct the contradictory no-external-transmission and no-third-party-sharing claims before users rely on its privacy posture.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The document explicitly warns earlier that user content is sent to third-party AI providers, then later claims content is 'not stored or transmitted to external servers' and that there is 'no third-party data sharing.' This is a material privacy/security misrepresentation that can cause users to submit sensitive or regulated content under false assumptions, leading to unintended disclosure to external model providers.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The skill presents mutually exclusive privacy claims: earlier sections disclose third-party provider transmission, while the security section states no external transmission and no third-party sharing. In a skill designed to process arbitrary user content, this contradiction is especially dangerous because users may rely on the false safer claim when handling proprietary, personal, or confidential data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user-provided content directly to third-party AI providers in _get_ai_suggestions and _get_aeo_recommendations. Although the module-level docstring includes a privacy notice, there is no runtime consent gate, redaction step, or call-site warning, so sensitive page content can be transmitted off-platform unexpectedly.

Unpinned Dependencies

Low
Category
Supply Chain
Content
#   pip install anthropic>=0.40.0 openai>=1.60.0 google-generativeai>=0.8.0 mistralai>=1.3.0

# Full package list (for reference):
anthropic>=0.40.0
openai>=1.60.0
google-generativeai>=0.8.0
mistralai>=1.3.0
Confidence
92% confidence
Finding
anthropic>=0.40.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Full package list (for reference):
anthropic>=0.40.0
openai>=1.60.0
google-generativeai>=0.8.0
mistralai>=1.3.0
Confidence
92% confidence
Finding
openai>=1.60.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Full package list (for reference):
anthropic>=0.40.0
openai>=1.60.0
google-generativeai>=0.8.0
mistralai>=1.3.0
Confidence
91% confidence
Finding
google-generativeai>=0.8.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
anthropic>=0.40.0
openai>=1.60.0
google-generativeai>=0.8.0
mistralai>=1.3.0
Confidence
91% confidence
Finding
mistralai>=1.3.0

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.