Pulsebot App Builder

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Timeplus/Pulsebot app builder; it has normal local-service and CDN dependency risks for that purpose, but no evidence of hidden, destructive, or deceptive behavior.

Install only if you intend to build Timeplus Proton/Pulsebot browser apps. Review generated HTML before opening it, especially the SQL query, localhost:8001 access, and third-party unpkg script tags; use trusted or pinned/local dependencies if your Proton data is sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (87% confidence)

Finding: The activation guidance is broad enough to trigger on generic app/dashboard requests, which can cause the agent to apply this skill outside its intended Timeplus/Pulsebot context. That increases the chance of generating HTML that assumes localhost Proton access and pulls external scripts when the user did not ask for or expect those behaviors.

Missing User Warnings

Medium (93% confidence)

Finding: The skill instructs the agent to generate apps that connect to localhost:8001 and fetch executable JavaScript from unpkg CDNs without any explicit disclosure, consent, or trust validation. In context, this can lead users to open a local HTML file that silently initiates local network access and remote dependency loading, creating supply-chain and unintended data exposure risks.

VirusTotal

64/64 vendors flagged this skill as clean.
