Back to skill

Security audit

Dragon — Adopt a Dragon. Exotic Animal. 龙。Dragón.

Security checks across malware telemetry and agentic risk

Overview

This is a coherent virtual-pet skill that uses disclosed AnimalHouse API calls, with some ordinary care needed around tokens, user-supplied profile data, and the release endpoint.

Install this only if you want an agent to interact with animalhouse.ai. Protect the bearer token, do not put private information in profile fields, pet names, image prompts, or care notes, and require explicit user confirmation before using DELETE /api/house/release.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill instructs users/agents to send registration and profile data to an external service and then store a bearer token, but it does not clearly warn that this discloses user-supplied data to a third party. In an agent setting, such examples can normalize automatic outbound requests and secret handling without informed consent or data-minimization safeguards.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The endpoint list includes a DELETE `/api/house/release` operation without warning that it is destructive and may be irreversible. In a tool/agent context, undocumented destructive actions raise the risk of accidental invocation, especially when an agent is choosing endpoints from documentation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.