Back to skill

Security audit

Pogo Pvp

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Pokémon GO PvP helper, but it can store and update a local Pokémon inventory file during use.

Install only if you are comfortable with the skill keeping a local Pokémon inventory in data/my_pokemon.json and refreshing public PvPoke data from GitHub. After using evaluation commands, review the inventory file because missing moves may be auto-filled with recommended moves; do not grant any unrelated purchase or crypto authority if a platform prompt offers it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
This is a genuine transparency and scope-control problem: the declared skill purpose is a simple query tool, but the detected behavior includes persistent local storage of user Pokémon inventory, automatic modification of user data, recommendation generation, and network-backed caching. Hidden stateful behavior is dangerous because users may unknowingly expose personal gameplay data to disk and reviewers may under-assess the privacy and integrity risks introduced by write operations and broader functionality.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The evaluation command is documented and named as a read-only assessment flow, but it mutates persistent user data by auto-populating moves and writing back to my_pokemon.json. This creates an integrity and trust issue: a user can trigger what appears to be a display operation and silently alter their stored collection data, which may overwrite intentional omissions or pollute downstream workflows that rely on user-entered movesets.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The description includes very broad trigger phrases such as "PvP" and "宝可梦对战", which are common in ordinary conversation about Pokémon GO battles. This can cause accidental invocation outside the user's intent, leading the agent to inject skill behavior or authoritative-seeming game data into unrelated chats.

Natural-Language Policy Violations

Medium
Confidence
78% confidence
Finding
The skill metadata is written to operate in Chinese without indicating language negotiation or user opt-in. In multilingual contexts, this can cause unexpected language switching, confusion, or misinterpretation of results, especially when the user is interacting in another language.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The code silently writes updated move data to local storage without any user-facing warning, confirmation, or audit trail. Even though the data stays local, undisclosed persistence changes can violate user expectations, make troubleshooting difficult, and cause unintended state changes that are hard to distinguish from deliberate edits.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.