Helmet

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Helmet library-account helper, with expected but sensitive credential storage and account actions.

Install only if you trust the @helmet-ai/helmet npm package and are comfortable storing library card numbers, PINs, and session cookies locally. For shared or family profiles, tell your agent to ask before renewing loans, placing holds, or canceling holds, especially when multiple profiles are saved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly recommends that an agent 'auto-renew overdue loans if renewable' as part of its workflow, which is a state-changing action performed on behalf of the user without a required confirmation step. Even though renewing library loans is lower risk than financial transfers, it still mutates a real account and may violate user expectations, especially in family/multi-profile contexts where the wrong profile could be targeted or a user may prefer not to renew certain items.

VirusTotal

66/66 vendors flagged this skill as clean.
