Chu Hui

Security checks across malware telemetry and agentic risk

Overview

This is a small local helper for simulated optimization suggestions and text filtering, with no evidence of hidden access, persistence, network use, or destructive behavior.

Install only if you want lightweight local text cleanup and advisory optimization output. Treat the optimize and tune results as suggestions or simulations, not verified system changes, and review filtered text because the regex cleanup may remove useful content.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: The skill explicitly offers environment optimization and parameter tuning capabilities that could alter runtime behavior, performance characteristics, or stability, yet it provides no safety constraints, rollback guidance, scope limits, or warning about side effects. In an agent setting, vague optimization actions can lead to harmful configuration changes, service degradation, or unintended data loss if the agent applies aggressive tuning without user confirmation.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal