Embodied Ai News

Security checks across malware telemetry and agentic risk

Overview

This skill is a public robotics news briefing helper; its only persistent-change path is a clearly disclosed, user-approved maintenance proposal for its own reference files.

Installers should expect the skill to browse public robotics, AI, arXiv, social media, and GitHub pages to prepare briefings. Treat monthly maintenance proposals as persistent changes to the skill's behavior: review the proposed diff before approving, especially if changes are based on newly discovered sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The workflow explicitly allows the agent to audit its own reference files, generate maintenance proposals, and then apply approved changes to those files. That expands the skill from passive news aggregation into self-modification, which increases attack surface: poisoned sources, prompt-injected content, or user confusion could cause persistent changes to system behavior over time.

VirusTotal

62/62 vendors flagged this skill as clean.
