Pet Video Script Domain

Security checks across malware telemetry and agentic risk

Overview

This is a pet video scripting reference skill with a clearly disclosed dependency, but users should review its automatic UTOS install instruction before enabling it.

Install this if you want a structured pet-video scripting and prompt reference. Before using full execution mode, confirm that you trust and intend to install universal-task-os; otherwise use the skill only as a read-only reference.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs that activation should detect whether `universal-task-os` is installed and automatically install it if missing. Any skill behavior that changes the host environment on activation without explicit user consent is dangerous because it expands trust to another package, can introduce supply-chain risk, and violates least surprise for a reference-style skill.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal