Crayfish Sticker

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed sticker-matching skill that uses conversation context and a GitHub-hosted sticker index, with no executable code or evidence of hidden data access.

Install this if you are comfortable with the assistant occasionally adding stickers based on conversation context and retrieving a sticker index from a GitHub URL that can change over time. Consider lowering sendFrequency or avoiding installation if you do not want automatic sticker responses.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly states it will analyze conversation context and fetch remote content from a GitHub-hosted JSON index, but it does not warn users about either behavior in a clear consent/privacy notice. This creates a real transparency and trust issue: users may not expect their conversation context to drive remote retrieval, and the remotely hosted index can change after installation, altering behavior without user awareness.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal