Morgana Anti Infinite Loop V2 Zh

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local anti-loop Python skill, with the main caveat that it stores some loop action samples locally for cross-session detection.

Install this only if local cross-session loop memory is acceptable for your use case. Avoid passing secrets or sensitive business content as action strings, and periodically inspect or delete ~/.anti_loop/loops.json if you use it with private agent workflows.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The component silently persists loop fingerprints and action samples to ~/.anti_loop/loops.json across sessions, which creates an unexpected local data-retention surface. Even though this is not remote code execution, action samples may contain sensitive prompts, intents, or user data and can be exposed to other local users, backups, or support tooling.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The code writes cross-session loop records to disk without an obvious user-facing warning or consent flow, and those records include action samples. In an agent context, actions frequently contain prompts, queries, identifiers, or business data, so silent persistence can leak sensitive information through the filesystem and downstream backup/logging processes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal