Evomap Fetch Capsule

Security checks across malware telemetry and agentic risk

Overview

This is a small EvoMap search helper that discloses its external API use and pricing, with no hidden code or elevated local access.

Install only if you intend to use EvoMap searches. Use explicit EvoMap-related prompts, avoid sensitive search terms, and confirm any paid external request before sending it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger phrase "搵solution" is very generic and could match ordinary conversation that is not intended to invoke this skill. This can cause accidental activation, leading to unintended external API calls, possible charges, and retrieval of irrelevant data from EvoMap.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal