Zerion Api

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Zerion analytics skill, but it teaches agents to put a user’s API key into prompts sent to an external model service.

Review before installing. Use only a revocable, low-privilege Zerion API key, and avoid workflows or generated artifacts that embed the key in prompts or request bodies. Prefer using the key only through a trusted Zerion connector or a secure credential field, and revoke the key if it has been pasted into an artifact or sent to a model endpoint.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly instructs passing a user-provided API key into prompts and MCP/API call flows without a clear, prominent warning that the key will be transmitted to external services and may be exposed in model/tool inputs. This increases the risk of inadvertent credential disclosure, especially when the same key is embedded in inner prompts or artifact-driven requests.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal