Security audit
chill.institute
Security checks across malware telemetry and agentic risk
Overview
This is a small, instruction-only browser workflow for sending user-selected chill.institute items to put.io, with the main caution that it can act inside a logged-in account session.
Install only if you are comfortable letting an agent use your logged-in chill.institute/put.io browser session to start transfers. Complete OAuth yourself, do not share passwords in chat, ask the agent to show the selected result before clicking send, and only use the optional putio verification command if you also trust that separate putio skill.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
