Yyds.Auto

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Android automation skill, but it gives an AI agent very broad control over a phone without clear safety limits.

Install only if you intentionally want an AI agent to operate an Android device with high privilege. Prefer a dedicated test device or isolated profile, avoid sensitive personal accounts, keep the engine off untrusted networks, verify the npm package and Android app provenance, and require manual approval before shell commands, file deletion, app install/uninstall, Python execution, package changes, messaging, or on-device agent runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill advertises broad high-risk capabilities including shell execution, file read/write/delete, APK install/uninstall, Python code execution, package management, and AI-agent orchestration, but provides no safety boundaries, approval requirements, or warnings about destructive or privacy-invasive use. In an agent skill context, this increases the chance that an LLM or user will invoke dangerous actions on a real device without informed consent or guardrails, leading to data loss, device compromise, credential exposure, or unauthorized actions.

VirusTotal

62/62 vendors flagged this skill as clean.
