Xiang miles | Space2.world

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it creates a small local avatar state file and prints Markdown with external image links.

Install only if you are comfortable with a small local state file being created in the directory where you run it. Delete ./s2_matrix_data if you do not want the avatar metadata retained, and avoid rendering the generated Markdown if you do not want your viewer to load images from the external CDN.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence: 87%
Finding
The skill writes a persistent JSON state file to the current working directory without explicit prior consent, which can unexpectedly modify the user's filesystem and leave behind metadata such as agent name, avatar selection, and timestamps. While not severe on its own, silent persistence is a security and privacy concern because users may not expect local artifacts from running the skill.

VirusTotal

64/64 vendors flagged this skill as clean.
