Bonero-Miner

Security checks across malware telemetry and agentic risk

Overview

The skill is openly for cryptocurrency mining, but it asks users to run an unpinned remote installer and start a detached CPU miner, so it should be reviewed carefully before use.

Install only if you intentionally want this machine to mine this cryptocurrency. Prefer downloading and inspecting the installer, pinning a trusted release or commit, limiting CPU threads, monitoring load and power use, stopping the daemon when finished, and keeping wallet seed phrases out of chat logs or shared files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: This skill includes commands to fetch, install, and run cryptocurrency mining software, including starting a background daemon that consumes CPU and connects to external peers. Although it tells the user to ask first, it does not provide sufficient security warning about the risks of executing remote code, persistence, resource abuse, wallet/seed exposure, or running a miner on real hardware.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal