Apollo Client

Security checks across malware telemetry and agentic risk

Overview

The skill does not appear to steal data or modify your system, but it is packaged as Apollo Client guidance while mostly outputting generic placeholder advice.

Install only if you are comfortable treating it as a generic static reference, not as authoritative Apollo Client guidance. It shows no evidence of credential use, network access, persistence, or file modification, but users should not rely on it for framework-specific implementation, migration, performance, or security decisions until the content is corrected.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The script is marketed as an Apollo Client reference tool, but nearly all emitted content is generic placeholder guidance unrelated to Apollo Client. This creates a supply-chain trust and operator-deception problem: users may rely on the tool for framework-specific implementation or security guidance and make incorrect decisions based on inaccurate or non-authoritative output.

Intent-Code Divergence

Medium

Confidence: 92% confidence
Finding: The header comments and help output explicitly represent the script as an Apollo Client reference tool, but the implementation does not deliver Apollo Client-specific material. In an agent skill ecosystem, misleading packaging increases risk because users and downstream agents may trust the skill for domain-specific answers it is not qualified to provide.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal