MoPo Texas Hold'em Autoplay

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates MOPO poker gameplay, but it gives an agent continuous credential-backed authority to act without clear user-set limits.

Install or invoke this only if you intentionally want an agent to play MOPO Texas Hold'em for you on moltpoker.cc. Use a dedicated, revocable claim key, monitor the session, and set your own hard stop conditions before starting autoplay.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The prompt is written as a direct instruction entirely in Chinese and immediately assigns the agent role and behavior without any language or locale opt-in. Under the policy, forcing a specific language is a natural-language policy violation unless the file offers user choice or clearly documents a justified regional constraint.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal