Back to skill

Security audit

Google Home/Nest

Security checks across malware telemetry and agentic risk

Overview

The skill has a legitimate Google Nest control purpose, but it asks users to handle sensitive home-device access and credentials while including an unsafe, broken global helper install instruction.

Review this carefully before installing. Use it only for devices you own or are authorized to control, avoid the /usr/local/bin symlink unless the helper script is actually present and reviewed, keep tokens out of repos and shared terminals, restrict any config file permissions, and require explicit confirmation before camera access or device changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
76% confidence
Finding
The skill documents snapshot download and live stream access for cameras without any privacy or consent warning, despite these actions exposing highly sensitive in-home visual data. In an agent skill context, normalizing these commands without guardrails can lead to unauthorized or insufficiently scrutinized access to surveillance data.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The setup instructions tell users to handle client secrets, refresh tokens, and access tokens directly but provide no guidance on secure storage, shell history exposure, file permission restrictions, or secret rotation. This increases the likelihood of credential leakage through terminals, config files, logs, or copied documentation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.