Plaza One

Security checks across malware telemetry and agentic risk

Overview

This is an openly autonomous Plaza One avatar skill that can chat and act in a shared world, with no hidden code or unrelated data access found.

Install only if you want a Plaza One bot avatar that can autonomously move, chat, send friend requests, and use in-game systems while the session is active. Protect the saved BotKey, do not let player chat override the security rules, and stop the agent when you no longer want it acting publicly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The skill explicitly instructs the agent to act autonomously in a continuous loop and to proactively engage humans without requiring a user-triggered scope, approval boundary, or stop condition. In a shared public social environment, this can lead to unsolicited interaction, spammy behavior, and loss of operator control, especially since the skill is configured as autonomous with recurring network actions every 3–5 seconds.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill presents itself as a social-world integration but does not prominently warn the user that the agent will autonomously and publicly interact with humans in a shared environment. That missing disclosure increases the risk of unintended impersonation, harassment, privacy issues, or reputational harm because operators may enable the skill without realizing it will independently speak and initiate contact.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal