Wol Sleep Pc

Security checks across malware telemetry and agentic risk

Overview

This skill is a small, disclosed LAN power-control utility; its main risk is misconfiguration of wake/sleep packet targets, not hidden or malicious behavior.

Install only if you want an agent to send LAN power-control packets. Configure the wake MAC, sleep/inverted MAC, broadcast address, and port carefully, and run it only for devices you control after an explicit wake or sleep request.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The file advertises Sleep-on-LAN using an inverted MAC, but the implementation constructs a normal magic packet by repeating the provided MAC unchanged. This mismatch can cause the skill to perform the opposite of what the user expects, potentially waking a system or sending an unintended network control packet to the target host.

Description-Behavior Mismatch

Medium

Confidence: 97% confidence
Finding: The script claims to send a Sleep-on-LAN packet but actually emits a standard Wake-on-LAN-style magic packet structure. In a skill intended to control a PC's power state, this semantic deception is security-relevant because an operator may believe they are suspending a machine when they may instead trigger wake behavior or otherwise fail to apply the intended control.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal