C2C Platform Skill System

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill is coherent for C2C marketplace operations, but it should be used only with strong controls around user data, secrets, and account or fund actions.

Install only if you operate or advise a C2C marketplace and are authorized to handle its operational data. Use anonymized or minimized exports where possible, never paste live cloud/payment/SMS secrets into the agent, and require human approval for freezes, bans, payouts, withdrawals, or other account-impacting decisions. Define consent, opt-out, access control, retention, audit logging, and deletion rules before using real user or financial data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Vague Triggers

Medium (90% confidence)
Finding
The trigger description includes very broad generic terms such as "platform," "marketplace," and "local service," which can cause the skill to activate in contexts far outside the intended C2C local-services domain. In an agent setting, overbroad invocation increases the chance of unintended routing, exposing users to irrelevant or high-risk operational guidance around payments, wallets, compliance, or growth mechanics when they did not explicitly request this skill.

Missing User Warnings

Medium (95% confidence)
Finding
This section explicitly proposes collecting and analyzing highly sensitive user data, including browsing history, search terms, order history, inferred income, and especially IM communication records, without any mention of consent, data minimization, access control, lawful basis, retention limits, or notice to users. In the context of a C2C marketplace, this creates substantial privacy, compliance, and insider-abuse risk because the skill operationalizes surveillance-style profiling across multiple user roles, including referral-network analysis.

Missing User Warnings

Medium (89% confidence)
Finding
This section defines user recall tactics using Push and SMS but does not require consent checks, opt-out handling, frequency caps beyond strategy design, or privacy disclosures. In a growth-operations skill for a C2C platform, that omission can directly enable spammy or non-compliant outreach and misuse of behavioral data for re-engagement.

Missing User Warnings

Medium (92% confidence)
Finding
This section specifies event tracking, data-source integration, and real-time monitoring without stating data-minimization, lawful basis, user notice, or access-control requirements. Because it operationalizes collection of user activity data, the lack of safeguards increases the risk of over-collection, opaque monitoring, and unauthorized internal access.

Missing User Warnings

Medium (90% confidence)
Finding
The push strategy section discusses segmentation, personalization, and timing optimization but does not explicitly require prior consent, opt-out enforcement, or user-facing notification controls. That makes the skill more dangerous in context because it is designed to maximize engagement, which can easily drift into abusive or non-compliant messaging practices.

Missing User Warnings

Medium (90% confidence)
Finding
Dormant-user activation via Push, SMS, and internal messages is inherently sensitive because it targets disengaged users using historical behavior and balance data. Without explicit privacy, consent, and outreach-sensitivity constraints, the skill can facilitate intrusive profiling and repeated unsolicited contact.

Missing User Warnings

Medium (92% confidence)
Finding
The document specifies broad collection and analysis of detailed transactional, behavioral, and financial event streams, including user actions, payment events, and wallet-like ledger activity, but does not include any privacy constraints, minimization guidance, retention limits, access controls, or compliance checks. In a C2C local services platform context, this is sensitive operational guidance that could normalize over-collection and downstream profiling without safeguards, increasing privacy, insider misuse, and regulatory risk.

Missing User Warnings

Medium (95% confidence)
Finding
The skill describes automated restrictive actions, including freezing related accounts for 72 hours based on high-risk fund anomaly alerts, without requiring human review, appeal paths, evidence thresholds, or false-positive handling. In a platform handling balances, withdrawals, and disputes, such automation can directly block user funds and services, creating serious abuse, fairness, and compliance risks if triggered incorrectly or maliciously.

Missing User Warnings

Medium (90% confidence)
Finding
This step explicitly calls for highly sensitive personal identity documents and infrastructure details, including business licenses, ID cards, server access information, and verification photos, but provides no guidance on minimization, redaction, retention, encryption, or secure transmission. In a skill intended to operationalize compliance workflows, that omission can normalize unsafe collection and handling of regulated personal data and credentials, increasing risk of privacy violations, identity theft, and unauthorized infrastructure exposure.

Missing User Warnings

High (97% confidence)
Finding
The skill asks for Alibaba Cloud AccessKey and Tencent Cloud SecretKey directly as workflow inputs without any warning that these are live secrets requiring secure storage and handling. If users follow this literally in an AI-assisted environment, the skill could expose cloud credentials in prompts, logs, traces, or downstream tools, enabling unauthorized SMS use, account abuse, cost fraud, and possible lateral access depending on key scope.

Missing User Warnings

Medium (84% confidence)
Finding
The skill enumerates sensitive app permissions such as location, camera, contacts, and storage as standard application review inputs but gives no privacy warning or least-privilege guidance. In the context of a C2C local-services platform handling personal and transaction data, this can encourage overbroad permission requests and weaken privacy-by-design practices, increasing regulatory and user-harm risk.

VirusTotal

64/64 vendors flagged this skill as clean.
