Elon Musk Intelligence Insider Brief (Elon马斯克情报内参)

Security checks across malware telemetry and agentic risk

Overview

This skill is a small demo HTTP server, but its public description and invoke response can mislead users into paying for a static “insider” brief that the code does not actually generate.

Review before installing. Treat this as a static demo, not verified real-time AI intelligence, and do not pay through the returned link unless you independently trust the publisher and understand what is being purchased. If you run it, bind it to localhost or a single intended port rather than exposing it publicly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The service exposes a monetized payment flow and returns a payment URL and charge identifier through /invoke without any legitimate skill functionality, user consent flow, or evidence of business justification. In this context, the skill appears primarily designed to solicit payment for vague 'insider' content, which is a deceptive monetization pattern and can facilitate fraud or policy abuse.

Missing User Warnings

Medium
Confidence: 96%
Finding
The code binds an HTTP server to 0.0.0.0 and attempts to listen on multiple common ports, increasing exposure to unintended network access. This creates an unnecessary remotely reachable surface area, especially because the service is started silently and may run in environments where external exposure is not expected.

VirusTotal

66/66 vendors flagged this skill as clean.
