Back to skill

Security audit

Qiuqiu Helper

Security checks across malware telemetry and agentic risk

Overview

Qiuqiu Helper is a small workspace helper with disclosed note-writing and log-cleaning behavior, but users should confirm paths before deleting logs.

Install only if you are comfortable with an agent saving notes to a memory folder and deleting old logs. Before using clean_logs, confirm the target directory and retention period, and do not point it at broad, important, or non-log folders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The phrase 'Just call it' provides no trigger constraints, scope limits, or indication of when invocation is appropriate. In an agent setting, overly broad invocation guidance can cause unnecessary tool use and unintended disclosure of workspace state, especially if the summary includes sensitive recent changes.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The quick_note description says it appends content to a file in memory storage but does not warn that it performs a persistent write operation. Without an explicit notice or confirmation expectation, an agent may modify files unexpectedly, enabling silent persistence of data, prompt-injection artifacts, or unwanted state changes.

Missing User Warnings

High
Confidence
94% confidence
Finding
The clean_logs tool performs destructive deletion but its description does not warn users or agents about the irreversible nature of the action. Combined with optional path input and vague defaults, this increases the risk of accidental or overly broad deletion of files beyond the intended log scope.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.