Publish Svg Flag
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed Aavegotchi SVG/PNG renderer that uses local scripts and Base RPC reads without evidence of hidden data access or unsafe behavior.
Install only if you are comfortable running local Node and shell scripts, installing the locked npm dependencies, writing generated render files locally, and sending token IDs or custom loadout details to the configured Base RPC provider. Use a trusted RPC endpoint if those render inputs are sensitive, and expect possible runtime issues unless the missing wearable reference file is supplied.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.