Back to skill

Security audit

Unihiker K10 Arduino

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent developer tooling for a K10 Arduino board, but its setup script can execute unpinned remote installer code and use elevated system writes without a clear confirmation step.

Review the setup script before running it. Prefer installing arduino-cli through a trusted package manager or a pinned release, avoid sudo/system-wide installation unless you choose it, and use a virtual environment or user install for Python tools. If you build camera, microphone, face recognition, or always-listening examples from this skill, add clear user consent, visible capture indicators, and deletion/retention controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (13)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation exposes an API for recording and saving audio to SD card without any privacy notice, consent guidance, retention warning, or secure-handling considerations. In a hardware-programming skill, this can directly enable developers to build apps that capture sensitive conversations or personal data by default, increasing privacy and compliance risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The face recognition, face enrollment, recognition ID, QR/camera, and related AI APIs process camera-derived and potentially biometric data, but the documentation omits any warning about privacy, consent, or handling of biometric identifiers. This is risky because developers may integrate sensitive recognition features without user notice, retention limits, or deletion controls, especially given support for enrollment and deletion of face IDs.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The face recognition example enrolls and recognizes biometric data using the camera, but it does not present any user-facing notice, consent step, retention guidance, or indication of when biometric capture is occurring. In an educational example this is likely not malicious, but normalizing silent biometric enrollment is privacy-relevant and can lead developers to ship applications that collect face data without adequate disclosure or control.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The face detection example activates the camera and performs vision analysis without any user-facing warning or visible privacy notice. While this is a demo for embedded AI features, it still teaches a pattern of silently capturing and processing images, which can be inappropriate in real deployments and may violate user expectations or policy requirements.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The speech recognition example initializes continuous wake-word listening mode without clearly warning the user that the device is always listening for voice input. In a hardware skill focused on voice features this is contextually expected, but the lack of disclosure can still cause privacy issues and encourages downstream implementations that monitor audio without adequate notice.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The setup script performs network retrieval, binary installation, filesystem modification, and possible privileged writes without any unconditional warning or explicit confirmation. In a developer-tooling skill, users may expect setup automation, but silent privileged changes increase the risk of unintended system modification and make supply-chain compromise more harmful.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script installs Python packages from the network via pip/pip3 without prominently disclosing this behavior by default. Even when packages are legitimate, undisclosed package installation expands the trust boundary and can expose users to dependency confusion, typosquatting, or compromised upstream packages.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
linux)
            # Download and install
            curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh
            mv bin/arduino-cli "${HOME}/.local/bin/" 2>/dev/null || sudo mv bin/arduino-cli /usr/local/bin/
            rm -rf bin/
            ;;
        macos)
Confidence
92% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
brew install arduino-cli
            else
                curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh
                sudo mv bin/arduino-cli /usr/local/bin/
                rm -rf bin/
            fi
            ;;
Confidence
92% confidence
Finding
sudo

External Script Fetching

Low
Category
Supply Chain
Content
case $OS in
        linux)
            # Download and install
            curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh
            mv bin/arduino-cli "${HOME}/.local/bin/" 2>/dev/null || sudo mv bin/arduino-cli /usr/local/bin/
            rm -rf bin/
            ;;
Confidence
97% confidence
Finding
curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh

External Script Fetching

Low
Category
Supply Chain
Content
if command -v brew >/dev/null 2>&1; then
                brew install arduino-cli
            else
                curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh
                sudo mv bin/arduino-cli /usr/local/bin/
                rm -rf bin/
            fi
Confidence
97% confidence
Finding
curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
case $OS in
        linux)
            # Download and install
            curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh
            mv bin/arduino-cli "${HOME}/.local/bin/" 2>/dev/null || sudo mv bin/arduino-cli /usr/local/bin/
            rm -rf bin/
            ;;
Confidence
96% confidence
Finding
| sh

Chaining Abuse

High
Category
Tool Misuse
Content
if command -v brew >/dev/null 2>&1; then
                brew install arduino-cli
            else
                curl -fsSL https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh | sh
                sudo mv bin/arduino-cli /usr/local/bin/
                rm -rf bin/
            fi
Confidence
96% confidence
Finding
| sh

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.