Security audit
Win Mouse Native (Windows)
Security checks across malware telemetry and agentic risk
Overview
This skill does what it claims: it lets an agent move and click the Windows mouse using local scripts, with no evidence of hidden data access, persistence, or network activity.
Install only if you want an agent to control your Windows mouse. Review the .cmd and .ps1 text before saving them as executable scripts, use explicit coordinates or verified targets, and supervise clicks or drags on payment pages, permission prompts, account settings, or other sensitive screens.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
45/45 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
