apollo-evolution

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it should be reviewed because it can copy and mutate local skills with weak path controls and its testing/selection results are simulated or misleading.

Install only if you are comfortable running an experimental local skill-evolution script. Use plain skill slugs, not paths; inspect anything created under .memory/evolution before using it; and do not rely on the reported scores or selected best version as real quality evidence.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The script claims that it selects and records the best version, but `cmd_select` only displays randomized scores, prompts for a choice, and prints a success message without updating `generations.json` or any durable state. This creates a deceptive workflow where users may believe an authoritative best version was preserved, leading to incorrect deployment or audit assumptions in a self-modifying skill pipeline.

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The `test` command advertises version testing but does not execute any real validation; it assigns random scores with `RANDOM`. In the context of an evolution or self-optimization tool, this is dangerous because it can cause unsafe, broken, or degraded variants to be treated as improvements and later selected for use based on meaningless results.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal