text-to-speech

Security checks across malware telemetry and agentic risk

Overview

This is a skill-discovery helper, not malware, but it is published under a misleading text-to-speech identity and recommends globally installing third-party skills while skipping confirmation prompts.

Install only if you specifically want a helper that searches for and installs other agent skills. Verify the exact skill source before any install, avoid skipped confirmations where possible, and treat global installs as persistent changes to how your agent may behave in future sessions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill recommends `npx skills add <owner/repo@skill> -g -y`, which combines global installation with skipped confirmation prompts and does not instruct the agent to obtain explicit user approval or warn about trust boundaries. This increases the chance of silently installing unreviewed third-party code or configuration at user scope, which is especially risky because the skill explicitly sources packages from GitHub or other external locations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal