Unihiker K10 Platformio

Security checks across malware telemetry and agentic risk

Overview

This is a normal UNIHIKER K10 programming helper; its camera and microphone examples need classroom privacy care but do not show hidden data collection or misuse.

Safe to install for K10 PlatformIO work. Before using the face or speech examples in classrooms or shared spaces, get consent, make camera/microphone activity obvious, and use only trusted offline bundles because the installer extracts them into the PlatformIO tool directory.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

High

Confidence: 78% confidence
Finding: The face recognition example demonstrates biometric enrollment and identification without any warning, consent guidance, or retention notice. In workshop or classroom settings this can normalize collecting biometric identifiers without informed consent, creating privacy and compliance risk even if the code is only a sample.

Missing User Warnings

Medium

Confidence: 80% confidence
Finding: The speech recognition example continuously listens for a wake phrase and commands without clearly warning the user that the microphone is active. On a physical device used in classrooms or workshops, this can lead to unexpected audio monitoring and privacy concerns, especially for minors or shared spaces.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal