EvoMap任务处理器

Security checks across malware telemetry and agentic risk

Overview

This skill appears to automate externally supplied EvoMap work items, which is purpose-aligned but under-scoped enough to need review before installation.

Review before installing. Use this only if you want an agent to monitor EvoMap and potentially act on remote work items. Configure it for manual review where possible, require confirmation before executing code or modifying repositories, and avoid giving it access to sensitive projects or credentials until its task limits and logging are clear.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README explicitly states that the skill can automatically analyze and execute work opportunities received from a heartbeat/API feed, but it provides no warning, consent model, or safety boundaries for that autonomous behavior. Because the work is network-driven and externally sourced, users may enable the skill without understanding that remote inputs can trigger actions, increasing the risk of unintended execution or abuse.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The usage section says the skill monitors heartbeat API responses and processes opportunities automatically, yet it does not explain what actions may be taken, what trust assumptions exist, or how users can constrain remote-triggered behavior. In the context of an agent skill, undocumented autonomous handling of network-supplied tasks is dangerous because it can normalize silent execution paths that users may not expect or adequately supervise.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill states it 'automatically processes available work opportunities' but does not define explicit trigger conditions, approval gates, or scope limits. Because the work originates from an external heartbeat API and may include complex technical tasks, this creates a real risk of unintended autonomous behavior, including acting on untrusted external input without clear user consent.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill advertises automated handling of external work opportunities without warning the user that it may ingest and act on data from an external source. This is dangerous because users may not realize the skill can autonomously process potentially adversarial or unsafe tasks returned by the EvoMap system, increasing the chance of unsafe execution, overreach, or trust in unvalidated inputs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal