Security audit

bambuddy

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Bambuddy API reference that can control printers and manage Bambuddy data when given a powerful API key, but it does not show hidden installation, persistence, exfiltration, or unrelated behavior.

Install this only for a Bambuddy server you trust. Prefer a dedicated least-privilege API key, use read-only permissions for monitoring, and require explicit confirmation before deleting data, changing settings, managing API keys, starting prints, stopping printers, toggling smart plugs, using discovery, downloading support bundles, or saving camera snapshots.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Context-Inappropriate Capability

Medium

Confidence: 89% confidence
Finding: The skill documents endpoints for user/group enumeration and API key lifecycle management, which materially exceed a narrow printer/archive-management use case and expose identity and credential-administration functions. In an agent context, this broadens the blast radius from printer operations to account discovery and creation or disabling of API keys, enabling privilege expansion or unauthorized persistence if the agent is induced to call them.

Context-Inappropriate Capability

Medium

Confidence: 83% confidence
Finding: The discovery endpoint enables scanning for printers on the local network, which goes beyond interacting with an already-configured Bambuddy server. In an agent setting, network discovery can leak internal topology and identify additional reachable devices not intended to be in scope for the task.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill presents POST, PATCH, and DELETE as normal usage patterns without any warning, confirmation step, or separation between read-only and state-changing actions. That makes it easy for an agent to perform destructive operations such as deleting printers, archives, or changing settings in response to ambiguous prompts.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The authentication section normalizes direct use of a persistent API key in shell commands but omits warnings about sensitive credentials, camera data, user data, and device metadata returned by the API. This increases the chance of accidental disclosure through logs, shell history, screenshots, or downstream agent outputs.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal