Security audit
Poyo Extend Music
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed PoYo music-extension helper that only prepares or submits user-approved API requests to PoYo.
Install only if you intend to use PoYo for music extension. Keep POYO_API_KEY server-side, review payloads before submission, and remember that prompts, audio IDs, callback URLs, and generated results may be sent to PoYo and may affect your PoYo account usage or billing.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
