
Security audit

Cue Insurance Marketing

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned, but it asks the agent to install or update and run mutable external Cue code while using a local Cue API key, so it should be reviewed before installation.

Install only if you trust Cue, the sensedeal/cue-skills repository, and the account tied to your local Cue API key. Before first use, review the external runner source or pin it yourself, and expect the skill to consume Cue credits after explicit confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

High
Confidence: 97%
Finding
The skill instructs the agent to clone or update an external repository and then execute a Python runner from that codebase. This creates a supply-chain and arbitrary code execution risk because the repository contents can change over time and are not pinned, reviewed, or constrained to the minimum logic needed for insurance research.

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The skill directs use of a local API key from ~/.cue/config.json, which expands access beyond the user's immediate prompt and relies on reading local secret material. Even if intended for legitimate Cue usage, instructing an agent to access local credentials for this workflow violates least-privilege and could expose or misuse secrets.

VirusTotal

62/62 vendors flagged this skill as clean.
