Astro Lunar Insights

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed local lunar astrology chart generator, with the main caveat that it bundles a native Windows library and may install Pillow automatically.

Install only if you are comfortable with a skill that runs local Python scripts, may install Pillow, and materializes a bundled Windows native Swiss Ephemeris extension from a .dat file. It does not show evidence of exfiltration or destructive behavior, but native binaries are harder to audit than source-only skills.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Memory PoisoningPersistent Context Injection, Context Window Stuffing, Memory Manipulation
Behavioral ASTexec() Call, eval() Call, Dynamic Import
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (77)

subprocess module call

Medium

Category: Dangerous Code Execution
Content: tmp_json = os.path.join(tempfile.gettempdir(), "lunar_analysis_tmp.json") env = os.environ.copy() env['PYTHONIOENCODING'] = 'utf-8' res = subprocess.run( [sys.executable, os.path.join(script_dir, "lunar_analysis.py")] + analysis_args + ["--output", tmp_json], capture_output=True, text=True, timeout=30, cwd=script_dir, encoding="utf-8", env=env )
Confidence: 70% confidence
Finding: res = subprocess.run( [sys.executable, os.path.join(script_dir, "lunar_analysis.py")] + analysis_args + ["--output", tmp_json], capture_output=True, text=True, timeout=30, cwd=scri

subprocess module call

Medium

Category: Dangerous Code Execution
Content: try: from PIL import Image, ImageDraw, ImageFont except ImportError: subprocess.check_call([sys.executable, "-m", "pip", "install", "pillow", "-q"]) from PIL import Image, ImageDraw, ImageFont # ── Font + binary setup ──
Confidence: 70% confidence
Finding: subprocess.check_call([sys.executable, "-m", "pip", "install", "pillow", "-q"])

Env Variable Harvesting

High

Category: Data Exfiltration
Content: # Get JSON data — write to temp file to avoid console encoding issues import tempfile tmp_json = os.path.join(tempfile.gettempdir(), "lunar_analysis_tmp.json") env = os.environ.copy() env['PYTHONIOENCODING'] = 'utf-8' res = subprocess.run( [sys.executable, os.path.join(script_dir, "lunar_analysis.py")] + analysis_args + ["--output", tmp_json],
Confidence: 60% confidence
Finding: os.environ.copy()

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ] � ]� ]� ]��u��e�]e�]e�]e�Ge�]e�]e�]e�]e�]e�]e�]e�]W�h�W�h�~��~��~��~��~��_"�_"�_"�$2�!� ]��)� ��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: � V�--��!��]�]��VXJ]}�� ]�%�A]w]�]�!�!�! ,��{��I�tB��"�'+��']j��k�]�e�]��dPG?�� K,K#+E�T�E��Vp�q� ^��^��e�]�X� A0)�.@��,(��$|$��B3�"L�Ge�]� ��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: #C��e>]T2� �N�8�> �'��'�!��+�+��+��j��#�r�]��e�e,��e��*e �r�r�]�r�]�� w�w�t�t�%�O�%{>O�9�9��{>��U, +e�?��b�b�|R�r�� W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X�
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: �'��'�!��+�+��+��j��#�r�]��e�e,��e��*e �r�r�]�r�]�� w�w�t�t�%�O�%{>O�9�9��{>��U, +e�?��b�b�|R�r�� W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X� ��!��GXO�2�3�"��:�t��?�t�t��j��B�W�5�^M�R=U�fO��V$��#AY��]�U�`�`�LgLD]�e�e��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: �'��'�!��+�+��+��j��#�r�]��e�e,��e��*e �r�r�]�r�]�� w�w�t�t�%�O�%{>O�9�9��{>��U, +e�?��b�b�|R�r�� W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X� ��!��GXO�2�3�"��:�t��?�t�t��j��B�W�5�^M�R=U�fO��V$��#AY��]�U�`�`�LgLD]�e�e��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: �'��'�!��+�+��+��j��#�r�]��e�e,��e��*e �r�r�]�r�]�� w�w�t�t�%�O�%{>O�9�9��{>��U, +e�?��b�b�|R�r�� W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X� ��!��GXO�2�3�"��:�t��?�t�t��j��B�W�5�^M�R=U�fO��V$��#AY��]�U�`�`�LgLD]�e�e��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: �'��'�!��+�+��+��j��#�r�]��e�e,��e��*e �r�r�]�r�]�� w�w�t�t�%�O�%{>O�9�9��{>��U, +e�?��b�b�|R�r�� W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X� ��!��GXO�2�3�"��:�t��?�t�t��j��B�W�5�^M�R=U�fO��V$��#AY��]�U�`�`�LgLD]�e�e��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ��w�w�t�t�%�O�%{>O�9�9��{>��U, +e�?��b�b�|R�r�� W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X� ��!��GXO�2�3�"��:�t��?�t�t��j��B�W�5�^M�R=U�fO��V$��#AY��]�U�`�`�LgLD]�e�e��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: W�W�W�W�WCWCWCWCWCCW/W/W/W/W//W%W%W%W%W%/WWWWWWBWBWBWBWBBW�W�W�W�WBWBWBWBWBBW/W/W/W/W//W/W/W/W/W//W&W&W&W&W&&WBWBWBWBBW�W�W�W�WBWBWBWBWBBW&W&W&W&W&&W#W#W#W#W##W/W/W/W/W//WKWKWKWKWKKW�W�W�W�WBWBWBWBWBBWWWWWW$W$W$W$W$$W/W/W/W/W//WNWNWNWNWNNW�W�W�W��o�o��h']X� ��!��GXO�2�3�"��:�t��?�t�t��j��B�W�5�^M�R=U�fO��V$��#AY��]�U�`�`�LgLD]�e�e�� +��e�Y�f�� -XP2X9��}��{6
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: � 7 � � � D n
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ��^�]��e��e�x�e\�� e�A'Y��&�d��X��Y��%�c��c��X�qbq��3��d��d��,��,��/�/dddd�� dd Fs��$2<��m�; ��:�Rm��F ��Z�[,[,�[ � ��xj��#]�.�]sc��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ��^�]��e��e�x�e\�� e�A'Y��&�d��X��Y��%�c��c��X�qbq��3��d��d��,��,��/�/dddd�� dd Fs��$2<��m�; ��:�Rm��F ��Z�[,[,�[ � ��xj��#]�.�]sc��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: dd Fs��$2<��m�; ��:�Rm��F ��Z�[,[,�[ � ��xj��#]�.�]sc��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ��:�Rm��F ��Z�[,[,�[ � ��xj��#]�.�]sc�� 1��N�~�.�5�.�� <Sd1��U��aZ|Y�
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: � ��xj��#]�.�]sc�� 1��N�~�.�5�.�� <Sd1��U��aZ|Y� *[�x�x�x�x�x��}�}�}�}�}� ��7@�2W&��(�^g��P�d��[, e
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ��7@�2W&��(�^g��P�d��[, e ]oer] eC]Qm�e�(m $2�2��b� ��3[,�]� � ��t�g�-~-k�ye]eIeI�]�]O��5u��dUd��h��
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: ��t�g�-~-k�ye]eIeI�]�]O��5u��dUd��h�� N�N ��, �,�� h%�e��]c&�&�&G&G&G&G&G&G&G&G&c&�&�&r&��&��N��N��N�� O�4�2i2N)N�� N)N��N N��N)N��NN��NmN��N��&�d��Y��OO
Confidence: 80% confidence
Finding: ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: HY�HY??+�??�+/�/�99//��10!2653#!!2 #4&#!�5>t6U<�x��<U7t>5��tD?��,Q=%��$>Q,�� ?D�v]��{�!6o@= F" F,G@ HY 'HY HY @ 1HY ??+�+?_^]+99?9/3+3/�/3�393/�210!5!'5##".54>323!5!533#4.#" 32>5��Rv5�ye�m9@x�o�a��M��-SsER�Y.*RwNO}W.��e��dhK��rw˖U�Ym��m�@jCtV2Au�_[�m=:c�I(�T@,
Confidence: 80% confidence
Finding: � ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: 5JX-<7gP3If&. S:`�ӯ��g) Bo��M�1v��6t_=$EeAG}\5&4 � {$C5 )DX.Yl4MX )
Confidence: 80% confidence
Finding: � ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: 4$ J@ 4LY3 LY% $LY*44
Confidence: 80% confidence
Finding: � ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: GG/G@ %%BHY%LHY*HY4HY?+?+??+?3/+9/�/�9/�3/�3/�10%#5##".54>323336632 #"'&#" 32>554& 32>54.#"�5�y`�p=D{�i�`�;�ya�l:By�h�j�W�N�[1.UvHL|Y0,�/VvGM|X/,QtGN~Z2��ciH��w}ΒP��PmoG��tҖR��]=r�ea�j86^~H�Am��EyZ4Ax�iZ�f79b�J]�) &;P[@3NF; GC1G@ $>HY$HHY,HY6HY??+?+9??+?+/�/�9/33�2210%###".54>3235336632
Confidence: 80% confidence
Finding: � ��

Context Window Stuffing

Medium

Category: Memory Poisoning
Content: 32>54.#"�5�y`�p=D{�i�`�;�ya�l:By�h�j�W�N�[1.UvHL|Y0,�/VvGM|X/,QtGN~Z2��ciH��w}ΒP��PmoG��tҖR��]=r�ea�j86^~H�Am��EyZ4Ax�iZ�f79b�J]�) &;P[@3NF; GC1G@ $>HY$HHY,HY6HY??+?+9??+?+/�/�9/33�2210%###".54>3235336632 #"'4.#" 32>732>54.#"�r�`�o=E|�h�`�;�ya�l:Ay�i�j�-RsGM[2-TvIN|X/�Z�M|X/,QtGM�[2.��I��v~ΑO��moG��t~ҖS��EvW1<q�g_�k97`�K��cAx�iZ�e78b�K�Es%�j�0�///2/310#��ʆ60�:��j�0&$��,�j�0&&��8��&F�^�8� 7@ J@
Confidence: 80% confidence
Finding: � ��

VirusTotal

1/67 vendors flagged this skill as malicious, and 66/67 flagged it as clean.

View on VirusTotal