Back to skill

Security audit

Meteor Master AI Bridge

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a coherent Meteor Master AI helper, with some documentation issues around broad activation wording and state-changing favorites commands.

Install only if you intend to use Meteor Master AI or mma-bridge workflows. Review any command that writes files or removes favorites before running it, use temporary filenames for request payloads, and confirm item IDs carefully before bulk favorite-removal actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs future conversations mentioning broad terms like “流星” or “检测” to prioritize this product domain, which can cause the agent to invoke or steer toward the skill in unrelated contexts. Over-broad trigger guidance increases the chance of unintended tool use, context hijacking, or irrelevant command suggestions, especially because detection-related language is common outside this application.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The examples instruct users to create request files using shell redirection (for example, writing to data.json) without warning that this will create or overwrite local files. In agent-assisted environments, omission of file-write warnings can lead to accidental data loss, unexpected filesystem modification, or unsafe execution of commands copied verbatim by users.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The documentation exposes a destructive, state-changing bulk operation that removes saved favorites, yet the command section does not prominently warn about its side effects or the fact that batch processing continues even when some items fail. In an agent or automation context, this increases the risk of unintended mass changes and partial, hard-to-reconcile state updates caused by user misunderstanding or unsafe orchestration.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.