Back to skill

Security audit

Vector Control

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it lets an agent control a local Vector robot, including movement, speech, audio playback, and camera snapshots, but users should supervise physical and camera use.

Install only if you are comfortable allowing an agent to move Vector, speak through it, play selected audio, and save camera images. Keep Wirepod limited to localhost or a trusted private network, supervise movement and patrol/explore routines, avoid untrusted media files, choose snapshot paths carefully, and release behavior control when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation clearly instructs use of a Python CLI that performs local HTTP API access and shell-invoked tooling, yet the skill declares no permissions. This creates a trust and transparency gap: operators or enforcement layers may treat the skill as lower risk than it actually is, despite its ability to move a robot, access the camera stream, and invoke local commands.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises camera snapshot capture and image extraction without any privacy notice, consent guidance, or handling restrictions. Because this is a physical robot camera in a local environment, the feature can capture sensitive images of people, homes, screens, or documents, making the omission materially risky in context.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The document exposes direct robot-control and camera-streaming endpoints without any safety, authorization, privacy, or consent guidance. In the context of an agent skill, this can normalize or enable movement, speech, and camera access with no warning to downstream users, increasing the risk of unauthorized physical actions or surveillance on a local networked device.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The patrol and explore routines initiate autonomous physical movement without safety interlocks, environment checks, or strong operator confirmation, which can cause collisions, falls, or unintended continued behavior in the real world. The code also assumes behavior control but does not reliably release it afterward, increasing the chance of lingering control state or operational disruption if the routine is interrupted.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.