Back to skill

Security audit

Indie App Marketing Pipeline

Security checks across malware telemetry and agentic risk

Overview

This is a coherent social-media scheduling skill, but it needs Review because it can queue live posts, stores a Postiz key locally, and has an optional unsafe command-execution path.

Install only if you intend to let it schedule content on connected social accounts. Use --dry-run first, review generated plans before live runs, protect or avoid the generated .env file, and do not enable config.videoGen.script until the shell command construction is fixed or tightly controlled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The usage examples distinguish `--dry-run` from live execution, but they do not present a prominent warning that the non-dry-run publisher will automatically schedule real posts to external social accounts through Postiz. This can lead to accidental publication or scheduling on production-linked social media accounts, causing reputational and operational harm even without malicious intent.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The setup script interactively collects a Postiz API key and writes it in plaintext to a .env file without warning the user about local secret storage, file permissions, or the need to exclude the file from version control. This is not inherently malicious, but it creates a realistic risk of credential exposure through accidental commits, backups, shared directories, or overly permissive filesystem access.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.env_credential_access

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
scripts/daily-publisher.js:220

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/daily-publisher.js:75