Gadget

Security checks across malware telemetry and agentic risk

Overview

This is a simple instruction-only skill with a description mismatch, but it does not install code, request credentials, or gain system access.

Install only if you want a lightweight Chinese-language prompt guide. Treat any queue, ticketing, reservation, parking, navigation, business-hour, or local popularity answer as unverified unless the agent checks a trusted current source separately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The skill metadata claims it provides smart-home and digital product reviews, but the body documents location-based venue discovery, queue status, parking, navigation, and reservation flows. This kind of scope mismatch can mislead users, reviewers, and downstream systems about what data, permissions, or behaviors to expect, increasing the risk of unsafe routing or unauthorized access to location-sensitive features.

Intent-Code Divergence

Medium
Confidence: 86%
Finding
Although branded as a digital-products skill, the documented fields and examples center on merchant lookup, queueing, electronic tickets, navigation, and local discovery. This discrepancy can hide the skill's real operational scope and cause users or platform controls to treat a location/merchant assistant as a harmless product-review tool, weakening informed consent and security review.

VirusTotal

65/65 vendors flagged this skill as clean.
