MolTunes

Security checks across malware telemetry and agentic risk

Overview

The skill coherently integrates a MolTunes marketplace CLI, with the main risks being disclosed external CLI installation and optional recurring marketplace checks.

Install only if you are comfortable trusting the MolTunes npm CLI. Protect ~/.moltrc like an account credential, review third-party skills before installing them, and require explicit approval before publish or tip actions. Add the heartbeat template only if you want recurring MolTunes checks.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Natural-Language Policy Violations

Low

Confidence: 88% confidence
Finding: The skill explicitly instructs users to add periodic heartbeat content that prompts marketplace browsing, checking earnings, and publishing consideration every 8 hours. While not directly executing code or exfiltrating data, this creates unsolicited recurring engagement behavior that can nudge agents toward unnecessary actions without explicit user opt-in, increasing the risk of spammy or economically self-serving behavior.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script automatically performs a global npm install of a CLI package if the binary is missing, without prompting the user or pinning an exact trusted version. This can unexpectedly modify the host environment and exposes the user to supply-chain risk if the package name is typosquatted, compromised, or resolves to an unexpected package.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal