蓝牙设备监控

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it lets a Mac user view and control local Bluetooth devices, with the main caution that power and disconnect commands can interrupt peripherals.

Install blueutil only from a trusted Homebrew source. Use read-only commands freely, but be careful with disconnect and power off commands, especially if your keyboard, trackpad, mouse, or audio device depends on Bluetooth.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 82% confidence
Finding: Documenting `power on` and `power off` commands without a clear warning understates that these commands change system connectivity state and may immediately disconnect keyboards, trackpads, headsets, or other Bluetooth peripherals. In a Mac environment, disabling Bluetooth can cause availability and usability issues, especially if primary input devices depend on it.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal