gigaverse

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Gigaverse automation helper that uses a dedicated wallet and game APIs, with no artifact-backed evidence of hidden data theft or destructive behavior.

Install only if you are comfortable letting an agent use a dedicated Gigaverse wallet. Do not import a wallet holding significant funds; use a fresh bot wallet, fund only what you are willing to spend, and review autonomous mode before enabling actions that mint characters, level up, start runs, or purchase GigaJuice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 90% confidence
Finding: The heartbeat guidance instructs the agent to read local secrets and config files such as ~/.secrets/gigaverse-jwt.txt and ~/.config/gigaverse/config.json. That expands the skill from simple gameplay assistance into local credential access and use, which increases the blast radius if the skill is triggered in a broader agent environment or if file paths are reused for unrelated secrets.

Description-Behavior Mismatch

Low

Confidence: 83% confidence
Finding: The file adds periodic monitoring, state tracking, and user notification behavior that is not clearly stated in the manifest description. While not overtly malicious, this broadens the skill into persistent monitoring behavior, which can surprise users and create unnecessary background activity and notification pressure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal