
Security audit

AUBO Robot

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended for AUBO robot control, but it needs review because it can move physical hardware and toggle IO without clear safety gates.

Install only for an authorized AUBO robot or simulator. Treat all motion and IO commands as capable of affecting real hardware: test in simulation first, keep a human operator present, verify emergency-stop access, clear the workspace, use reduced speed, and do not rely on the current placeholder status readings for safety decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium (95% confidence)
Finding
This skill describes direct robot motion and IO control capabilities but provides no prominent safety prerequisites such as requiring simulation-only validation, operator supervision, emergency stop readiness, workspace clearance, speed limits, or confirmation that no humans are in the cell. In a robotics-control context, omission of these warnings increases the risk of unsafe execution on real hardware, which could cause physical injury, equipment damage, or unintended actuator/IO activation.

Missing User Warnings

High (96% confidence)
Finding
The skill exposes direct robot motion primitives that can move joints and TCP immediately without any confirmation gate, interlock check, workspace validation, or hazard warning. In a robotics context this is safety-critical because a caller can trigger unexpected physical movement, potentially causing injury, collisions, or equipment damage.

Missing User Warnings

Medium (91% confidence)
Finding
Digital outputs can actuate external tooling, relays, valves, grippers, or other attached equipment, but the skill provides unrestricted control with no warning, authorization, or output allowlist. In an industrial setting this can create unsafe side effects even without moving the robot itself.

Vague Triggers

Medium (91% confidence)
Finding
The manifest advertises powerful robot-control capabilities such as joint, linear, circular, speed, and stop commands, but it does not define when these functions may be invoked, what safety interlocks are required, or what user authorization is needed. In a robotics context, missing activation constraints can allow unintended or overly broad execution paths that translate directly into unsafe physical motion or denial of safe operation.

VirusTotal

67/67 vendors flagged this skill as clean.
