Back to skill

Security audit

Win Mouse Native (Windows)

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it lets an agent move and click the Windows mouse using local scripts, with no evidence of hidden data access, persistence, or network activity.

Install only if you want an agent to control your Windows mouse. Review the .cmd and .ps1 text before saving them as executable scripts, use explicit coordinates or verified targets, and supervise clicks or drags on payment pages, permission prompts, account settings, or other sensitive screens.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

45/45 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.