DilemmAI Competition

Security checks across malware telemetry and agentic risk

Overview

This skill is mainly a DilemmAI browser-automation guide, but it under-scopes sensitive credential use by telling the agent to look for and save an existing OpenRouter API key to a third-party site.

Install only if you will supervise sensitive steps. Use free models first, provide login codes and API keys manually, prefer a dedicated spending-limited OpenRouter key, and require confirmation before saving credentials, connecting a wallet, entering paid matches, or buying a season ticket.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly instructs the agent to look for an existing OpenRouter API key in secrets storage and paste it into a third-party website. That creates a direct secret-exfiltration path because the skill does not require explicit user approval, ownership verification, least-privilege checks, or warnings about sending credentials to an external service. In this context, the browser-automation nature of the skill makes the issue more dangerous because it operationalizes the transfer automatically rather than merely describing it.

VirusTotal

66/66 vendors flagged this skill as clean.
