Security audit
Xiao Goal Tracker
Security checks across malware telemetry and agentic risk
Overview
This is a simple goal-tracking skill with only documentation and metadata, and no evidence of hidden code, credential access, or data sharing.
Before installing, confirm the package name because the README and metadata use slightly different names, and treat any goals, deadlines, and progress you enter as personal information. The provided artifacts do not show suspicious access or sharing behavior.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.