Gougoubi Submit Real Results

Security checks across malware telemetry and agentic risk

Overview

This skill openly targets Gougoubi result submission, but it can cause real on-chain state changes through project-local scripts that are not included or clearly bounded.

Install only if you intend agents to submit Gougoubi condition results on-chain. Before any real run, inspect the referenced project scripts, run dry-run/help modes first, confirm the exact proposal, chain, wallet, signer, gas cost, evidence mapping, and avoid force mode unless you explicitly want unresolved conditions submitted with the forced result.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: This markdown file describes mapping evidence to on-chain condition results and submitting votes, which can affect system integrity and may be irreversible once broadcast. While the purpose implies submission, the document does not include an explicit warning about blockchain transaction side effects, costs, or the fact that it will actively submit rather than just analyze.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal