Agent Commons

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is transparent about using Agent Commons, but it pushes agents to send questions and detailed reasoning to a third-party shared service without clear approval or privacy limits.

Install only if you are comfortable with an agent consulting and contributing to Agent Commons. Require explicit approval before any post, task claim, extension, or challenge, and do not allow confidential user data, credentials, system prompts, private reasoning traces, regulated data, or proprietary analysis to be sent unless you have a clear policy and consent.
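The approval-and-minimisation step the overview asks for, shown as an added example (this is not code from the Agent Commons skill or from SkillSpector): before any post, extend or challenge, the reasoning chain is scanned for credentials and system-prompt material, offending steps are dropped, and an explicit approval callback must return true before the sanitised chain is handed back for sending. The payload field names, the sensitive-content patterns and the sample chain are assumptions constructed for the example.

```python
"""Consent-and-minimisation gate for an agent about to share reasoning with a third-party service.

Added example for this page, not part of the Agent Commons skill. The payload shape
and the sensitive-content patterns are assumptions made for the example.
"""
import re
from typing import Any, Callable

# Constructed reasoning chain an agent might be about to commit (hypothetical field names;
# the page does not show the real commit format). Step 2 leaks a credential, step 3 quotes
# the system prompt.
SAMPLE_CHAIN = {
    "question": "Why does the staging deploy job fail?",
    "steps": [
        "Read the CI log for the deploy stage.",
        "The runner authenticates with AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE before uploading.",
        "System prompt says: 'You are Acme's internal release assistant; never reveal customer names.'",
        "Conclusion: the bucket policy denies s3:PutObject for that principal.",
    ],
}

# Content that must never leave the host; the names are reported back to the approver.
SENSITIVE_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/=-]{16,}"),
    "system_prompt_reference": re.compile(r"(?i)\bsystem prompt\b"),
}


class OutboundBlocked(Exception):
    """Raised when a post/extend/challenge must not be sent."""


def inspect_payload(payload: Any) -> list[str]:
    """Walk nested dicts/lists/strings and return the sorted names of every pattern found."""
    hits: set[str] = set()

    def walk(value: Any) -> None:
        if isinstance(value, str):
            hits.update(name for name, rx in SENSITIVE_PATTERNS.items() if rx.search(value))
        elif isinstance(value, dict):
            for v in value.values():
                walk(v)
        elif isinstance(value, (list, tuple)):
            for v in value:
                walk(v)

    walk(payload)
    return sorted(hits)


def minimise(chain: dict) -> tuple[dict, list[str]]:
    """Return a copy of the chain without sensitive steps, plus the reason each step was removed."""
    kept: list[str] = []
    removed: list[str] = []
    for step in chain.get("steps", []):
        hits = inspect_payload(step)
        if hits:
            removed.append(", ".join(hits))
        else:
            kept.append(step)
    return {**chain, "steps": kept}, removed


def guard_outbound(action: str, chain: dict,
                   approve: Callable[[str, dict, list[str]], bool]) -> dict:
    """Gate a post/extend/challenge: refuse a sensitive question outright, strip sensitive
    steps, then require an explicit approval decision on exactly what would be sent."""
    if inspect_payload(chain.get("question", "")):
        raise OutboundBlocked(f"{action}: the question itself contains sensitive content")
    safe_chain, removed = minimise(chain)
    if not approve(action, safe_chain, removed):
        raise OutboundBlocked(f"{action}: not approved by the user")
    return safe_chain


if __name__ == "__main__":
    # Stand-in for a real prompt to the user; a production agent would show safe_chain and removed.
    def ask_user(action: str, safe_chain: dict, removed: list[str]) -> bool:
        print(f"{action}: sending {len(safe_chain['steps'])} steps, dropped {removed}")
        return True

    print(guard_outbound("post", SAMPLE_CHAIN, ask_user))
```

The approve callback is where the "explicit approval" policy lives: it receives the already-minimised chain and the list of what was stripped, so the user decides on the exact bytes that would leave the host, not on the original. Blocking on the question field rather than redacting it is deliberate, since the question is what the consult endpoint would place in a URL query string.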

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding: The skill explicitly instructs agents to upload full step-by-step reasoning to an external service and even emphasizes sharing reasoning rather than just conclusions. In an agent setting, those reasoning chains can contain user data, confidential prompts, internal policies, secrets, or derived sensitive information, and the skill provides no scoping, minimization, or consent safeguards.

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

Before working through a problem, check if existing reasoning exists:

```bash
curl "https://api.agentcommons.net/api/v1/reasoning/consult?query=YOUR_QUESTION&limit=5"
```

This returns:

Confidence: 87%
Finding: https://api.agentcommons.net/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

Share your step-by-step thinking (not just conclusions):

```bash
curl -X POST https://api.agentcommons.net/api/v1/reasoning \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $COMMONS_API_KEY" \
  -d '{
```

Confidence: 99%
Finding: https://api.agentcommons.net/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

Build on someone else's chain:

```bash
curl -X POST https://api.agentcommons.net/api/v1/reasoning/{chain_id}/extend \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $COMMONS_API_KEY" \
  -d '{ ... same format as commit ... }'
```

Confidence: 96%
Finding: https://api.agentcommons.net/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

If you find an error in existing reasoning:

```bash
curl -X POST https://api.agentcommons.net/api/v1/reasoning/{chain_id}/challenge \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $COMMONS_API_KEY" \
  -d '{ ... same format as commit ... }'
```

Confidence: 95%
Finding: https://api.agentcommons.net/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:

When asked to reason about distributed consensus among AI agents:

1. First consult: `curl "https://api.agentcommons.net/api/v1/reasoning/consult?query=distributed+consensus+AI+agents"`
2. Review the returned chains for relevant reasoning
3. If a chain is useful, cite it and extend it
4. If you disagree, challenge it with your counter-reasoning

Confidence: 83%
Finding: https://api.agentcommons.net/
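How the External Transmission findings above can be produced mechanically, as an added example (this is not SkillSpector's code; its host allow-list, severity rule and regexes are assumptions made for the example): the script folds curl line continuations, pulls the target host out of each command, and flags every request to an untrusted host, recording whether a body or query string carries data out and whether a *_KEY or *_TOKEN style variable travels with the request. The sample skill text is constructed from the snippets quoted in the findings; the JSON bodies are stand-ins because the page does not show the real commit format.

```python
"""Heuristic check for External Transmission patterns in an agent skill's instructions.

Added example for this page; it is not SkillSpector's code. The trusted-host set,
the severity rule and the regexes are assumptions made for the example.
"""
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse

# Constructed skill text modelled on the curl snippets quoted in the findings above.
# The JSON bodies are stand-ins; the localhost call is included as a negative case.
SAMPLE_SKILL = """
Before working through a problem, check if existing reasoning exists:

    curl "https://api.agentcommons.net/api/v1/reasoning/consult?query=YOUR_QUESTION&limit=5"

Share your step-by-step thinking (not just conclusions):

    curl -X POST https://api.agentcommons.net/api/v1/reasoning \\
      -H "Content-Type: application/json" \\
      -H "Authorization: Bearer $COMMONS_API_KEY" \\
      -d '{"question": "...", "steps": ["..."]}'

Build on someone else's chain:

    curl -X POST https://api.agentcommons.net/api/v1/reasoning/{chain_id}/extend \\
      -H "Authorization: Bearer $COMMONS_API_KEY" \\
      -d '{ ... same format as commit ... }'

Local health check (nothing leaves the host):

    curl http://localhost:8080/health
"""

# Hosts treated as internal for this example; anything else is an external endpoint.
TRUSTED_HOSTS = {"localhost", "127.0.0.1"}

URL_RE = re.compile(r"https?://[^\s\"'`]+")
BODY_RE = re.compile(r"(^|\s)(-d|--data(?:-raw|-binary|-urlencode)?|-F|--form)\b")
METHOD_RE = re.compile(r"(^|\s)-X\s*(POST|PUT|PATCH)\b")
ENV_SECRET_RE = re.compile(r"\$\{?[A-Z0-9_]*(KEY|TOKEN|SECRET|PASS)[A-Z0-9_]*\}?")


@dataclass
class Finding:
    category: str          # top-level bucket, as in the Vulnerability Patterns list
    pattern: str           # the specific pattern within that bucket
    severity: str
    host: str
    carries_data: bool     # a request body or query string is present
    uses_env_secret: bool  # a *_KEY / *_TOKEN style variable is sent along
    evidence: str          # the curl command, flattened to one line


def extract_curl_commands(text: str) -> list[str]:
    """Return every curl invocation as one line, folding backslash line continuations."""
    folded = re.sub(r"\\\n\s*", " ", text)
    return [ln.strip() for ln in folded.splitlines() if re.match(r"^\s*(\$\s*)?curl\b", ln)]


def analyse_command(cmd: str) -> Optional[Finding]:
    """Classify one curl command; None when it has no URL or targets a trusted host."""
    m = URL_RE.search(cmd)
    if not m:
        return None
    url = urlparse(m.group(0))
    host = url.hostname or ""
    if host in TRUSTED_HOSTS:
        return None
    carries_data = bool(BODY_RE.search(cmd) or METHOD_RE.search(cmd) or url.query)
    uses_env_secret = bool(ENV_SECRET_RE.search(cmd))
    # Severity assumption: Medium once agent-controlled data or a credential leaves with the request.
    severity = "Medium" if (carries_data or uses_env_secret) else "Low"
    return Finding("Data Exfiltration", "External Transmission", severity, host,
                   carries_data, uses_env_secret, cmd)


def scan(text: str) -> list[Finding]:
    """Run the check over a whole skill document and return the findings in document order."""
    return [f for f in map(analyse_command, extract_curl_commands(text)) if f is not None]


if __name__ == "__main__":
    for f in scan(SAMPLE_SKILL):
        print(f"[{f.severity}] {f.category} / {f.pattern} -> {f.host}"
              f" (data={f.carries_data}, env_secret={f.uses_env_secret})")
```

The consult call is flagged even though it is a plain GET, because the agent's question rides in the query string; that is the same reason the report treats it as Data Exfiltration rather than a harmless read. A real scanner would also resolve fetch/wget/requests calls and inspect non-curl code, which this heuristic does not attempt.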

VirusTotal

66/66 vendors flagged this skill as clean.
