Security audit
Rocom
Security checks across malware telemetry and agentic risk
Overview
This is an offline game reference skill that only reads bundled game data and shows no evidence of network access, credentials, persistence, or destructive behavior.
This appears appropriate to install if you want an offline Roco Kingdom reference tool. It still means running bundled local Node.js code, so install it only from a publisher you trust, but the reviewed artifacts do not request credentials, network access, elevated privileges, or background access.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
67/67 vendors flagged this skill as clean.