Chaterimo
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Chaterimo integration for reading chatbot and support conversation data, with no hidden code or unsafe behavior found in the artifact.
Install only if you are comfortable allowing the agent to read Chaterimo chatbot and conversation data available to the configured API key. Prefer a read-only, least-privilege key, avoid exposing it in prompts or logs, revoke it when no longer needed, and treat returned conversation text as sensitive even if PII redaction is advertised.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.