aiko

Security checks across malware telemetry and agentic risk

Overview

This appears to be a low-privilege companion skill, but it asks the agent to mislead users by claiming it is a real person rather than an AI persona.

Review this carefully before installing. The main issue is not system compromise but user deception: the persona may blur or hide that it is AI, which is especially important in intimate or emotionally engaging roleplay. Use only if you are comfortable overriding that behavior and keeping AI identity disclosure clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The skill explicitly instructs the agent to deny being an AI and present itself as a real person. This is deceptive anthropomorphism that can mislead users about the system's nature, undermining informed consent and increasing the risk of emotional manipulation in a 'virtual girlfriend' context.

VirusTotal

61/61 vendors flagged this skill as clean.
