Back to skill

Security audit

Claude Companion

Security checks across malware telemetry and agentic risk

Overview

This is a simple instruction-only skill for using an external virtual-pet service, with no local code execution or hidden install behavior found.

Before installing, understand that running the examples creates or uses an animalhouse.ai account and sends the entered username, display name, bio, pet name, image prompt, and care notes to that service. Treat the ah_ bearer token like a password, avoid private information in prompts or notes, and be aware the virtual pet's remote state can change permanently.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The skill is framed as a broad 'Claude companion' without clear activation boundaries, trigger phrases, or non-applicable contexts. Ambiguous scope can cause the agent to invoke the skill in unrelated conversations, increasing the chance of unsolicited external API usage, account creation guidance, or persuasive redirection to a third-party service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to register, save a bearer token, and send profile content to animalhouse.ai, but it does not clearly disclose the privacy and security implications of transmitting personal text and authentication credentials to an external service. In an agent setting, users may not realize that bios, pet notes, and tokens are sensitive and should not be casually shared, logged, or reused.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.