agent-android

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Android LAN-control helper with clear user-directed safety limits and no evidence of hidden or unrelated behavior.

Install only if you intend to control your own Android device on a trusted private LAN. Provide only device URLs you trust, keep the phone-side service off public networks, and remember that screenshots and UI dumps may expose private app content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The default prompt authorizes broad Android device access over LAN and instructs the agent to inspect UI state and control the phone step by step without any explicit trigger conditions, scope limits, user-confirmation requirements, or device allowlisting. In a skill that can remotely interact with a mobile device, this kind of unconstrained invocation materially increases the chance of unintended or unauthorized surveillance and device manipulation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal