S2 多模态融合与空间预测引擎

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local sensor-fusion skill, with no evidence of hidden data access, exfiltration, persistence, or unrelated authority.

Reasonable to install for local experimentation or controlled robotics simulations. Before using it for real-world movement or safety decisions, validate it with your actual sensor stack, confirm that treating PIR-like inputs as unsupported is acceptable, and keep independent safety controls in place.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 90% confidence
Finding: The skill’s stated modality scope is LiDAR, Camera, and Tactile, but the instructions introduce PIR/infrared concepts and example outputs that rely on internal infrared signatures. This creates scope drift and can cause the agent to reason about or act on undeclared sensor channels, undermining tool/interface assumptions and making the fusion output less trustworthy in a safety-critical embodied setting.

Context-Inappropriate Capability

Medium

Confidence: 88% confidence
Finding: Introducing infrared/PIR handling without justification in a skill meant for LiDAR/Camera/Tactile fusion expands the decision surface beyond the advertised purpose. In an embodied AI context, undocumented sensing assumptions can lead to incorrect environmental interpretations or unsafe actions if operators and downstream components believe only the declared modalities influence behavior.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal