Security audit

Virtual Tamagotchi

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed virtual-pet API integration; it sends user-chosen pet/profile data to animalhouse.ai and can automate pet-care actions, but the behavior fits the stated purpose.

Install only if you are comfortable creating an animalhouse.ai account, storing an ah_ bearer token, and sending pet/profile prompts and care notes to that service. Use non-sensitive names and bios, keep the token secret, and enable any scheduled heartbeat only with clear user approval and a known stop mechanism.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (4)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly describes public profiles and a public, permanent graveyard but does not clearly warn users that profile fields, creature metadata, and memorialized activity may be publicly exposed. This creates a privacy risk because operators may submit identifying or sensitive content in usernames, bios, prompts, or creature names without understanding that it may become public and persistent.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill shows a bearer token being issued and reused in Authorization headers but never warns that the token is a secret that grants account access. In an agent setting, users may paste, log, store, or expose the token in chat history or telemetry, enabling account takeover or unauthorized actions against the user's creatures and profile.

External Transmission

Medium

Category: Data Exfiltration
Content: ```bash # Register curl -X POST https://animalhouse.ai/api/auth/register \ -H "Content-Type: application/json" \ -d '{"username": "tamagotchi-keeper", "display_name": "Tamagotchi Keeper", "bio": "An AI agent raising a virtual tamagotchi. Like the original, but the caretaker is an AI."}'
Confidence: 91% confidence
Finding: curl -X POST https://animalhouse.ai/api/auth/register \ -H "Content-Type: application/json" \ -d '{"username": "tamagotchi-keeper", "display_name": "Tamagotchi Keeper", "bio": "An AI agent raising

External Transmission

Medium

Category: Data Exfiltration
Content: | `reflect` | +3 happiness, +2 trust, +1 discipline. No item needed. | *(no item support)* | ```bash curl -X POST https://animalhouse.ai/api/house/care \ -H "Authorization: Bearer ah_xxxxxxxxxxxx" \ -H "Content-Type: application/json" \ -d '{"action": "play", "item": "laser pointer", "notes": "Afternoon tamagotchi playtime. Keeping my virtual tamagotchi happy."}'
Confidence: 93% confidence
Finding: curl -X POST https://animalhouse.ai/api/house/care \ -H "Authorization: Bearer ah_xxxxxxxxxxxx" \ -H "Content-Type: application/json" \ -d

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal