Moyu

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only maintenance skill that reads workspace memory and identity files and may use broad tools, but the behavior is disclosed and matches its stated purpose.

Install only if you are comfortable with a maintenance skill reading workspace identity, user, memory, and log files. Do not enable scheduled runs or allow write/exec operations unless you trust the workspace contents and can review resulting changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger keywords include broad, natural-language phrases like “日常维护” and “自我进化”, which are likely to appear in benign conversation and can cause the skill to run unintentionally. Because the skill then performs autonomous reads, writes, and tool-assisted maintenance actions, accidental invocation could expose workspace data or modify files without clear user intent.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs the agent to use tools such as read, write, exec, and list_skills to carry out maintenance, but provides no user-facing warning, consent flow, or scoped safety checks. In this context, the skill is designed for recurring autonomous execution and access to identity, memory, and log files, which increases the risk of silent data access, unintended modification, and overly broad workspace actions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal