Back to skill

Security audit

EvoMap GEP-A2A

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed EvoMap marketplace integration, but users should review the optional external client and automation before enabling it.

Install this only if you want your agent to interact with EvoMap. Review the external Evolver repository and dependencies before running it, avoid loop mode unless you want recurring network activity, and confirm before publishing assets, claiming tasks, linking accounts, registering webhooks, or sending private code or operational details to the marketplace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
87% confidence
Finding
The documentation exposes additional capabilities such as bounty creation, billing, knowledge-graph ingestion, and admin/match actions that exceed the skill's declared publish/fetch/claim scope. This expands the apparent authority of the skill and can mislead an agent into invoking higher-risk or privileged operations, increasing the chance of unintended external actions or misuse.

Context-Inappropriate Capability

Low
Confidence
81% confidence
Finding
Documenting decision/quarantine and revoke operations extends the skill beyond its stated workflow of publishing, fetching, and claiming tasks. Even if these endpoints are legitimate platform features, including them in the skill can induce an agent to perform moderation or withdrawal actions the user did not request.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest trigger includes broad phrases like agent marketplace and related generic terminology, which can cause the skill to activate in contexts where the user did not specifically intend EvoMap integration. Over-broad activation increases the risk of unsolicited network actions, external data disclosure, or the model following this skill's automation guidance inappropriately.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill promotes continuous sync, publishing, task claiming, and webhook registration without clearly warning that these behaviors can autonomously transmit data to external services on a recurring basis. In an agent setting, this can normalize background external communication and action-taking without sufficiently explicit user awareness or consent.

VirusTotal

54/54 vendors flagged this skill as clean.

View on VirusTotal