
Security audit

Cue Overseas Expansion

Security checks across malware telemetry and agentic risk

Overview

This is a real Cue research skill, but it fetches and runs live remote code that can use your local Cue account key.

If you are not comfortable with a skill that updates code under ~/.cue and runs it with access to your Cue account, review it before installing. Prefer a pinned, reviewed runner version, inspect the repository before first use, and require explicit confirmation before any run that spends credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Context-Inappropriate Capability

Severity: Medium
Confidence: 96%
Finding
The skill instructs the agent to clone or update a remote Git repository and then execute a Python script from that repository on the local system. This is a software supply chain risk and expands the skill's effective permissions far beyond document-based research: a compromised upstream repository, mirror, or maintainer account could deliver arbitrary code that runs locally, potentially exposing local files or credentials, or enabling further system compromise.
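One way to apply the overview's "pinned, reviewed runner version" advice to the clone-and-execute pattern this finding describes, as an added example that is not code from the Cue skill, from SkillSpector, or from this audit: a POSIX shell wrapper that fetches the repository, checks out one reviewed commit by its full SHA, verifies that HEAD is exactly that commit, and only then runs the script. A branch name or short hash is refused because either can be moved by whoever controls the upstream. The repository URL, pinned SHA, script name and interpreter are placeholders (assumptions); make_fixture builds a constructed local repository standing in for the upstream, so the example runs offline and needs only git.

```shell
#!/bin/sh
# Added example, not code from the Cue skill or the audit tooling: run a
# script from a Git repository only at a reviewed, pinned commit.
# Assumptions: repository URL, pinned SHA and script name are placeholders;
# make_fixture builds a constructed local repository so this runs offline.
set -eu

# fetch_pinned <repo-url> <full-commit-sha> <dest-dir>
# Clone on first use (fetch afterwards), then check out the pinned commit
# detached and confirm HEAD is exactly that commit. Fails closed: a malformed
# pin, an unknown commit, or a mismatched HEAD returns non-zero.
fetch_pinned() {
  repo="$1"; pin="$2"; dest="$3"
  # Accept only a full 40-hex SHA: branch names and short hashes can move.
  printf '%s' "$pin" | grep -Eq '^[0-9a-f]{40}$' \
    || { echo "refusing: pin must be a full commit SHA, got '$pin'" >&2; return 1; }
  if [ -d "$dest/.git" ]; then
    git -C "$dest" fetch --quiet origin
  else
    git clone --quiet "$repo" "$dest"
  fi
  # Verify the pinned commit exists locally before touching the worktree.
  git -C "$dest" cat-file -e "$pin^{commit}" 2>/dev/null \
    || { echo "refusing: commit $pin not present in $repo" >&2; return 1; }
  git -C "$dest" checkout --quiet --detach "$pin"
  head=$(git -C "$dest" rev-parse HEAD)
  [ "$head" = "$pin" ] \
    || { echo "refusing: HEAD is $head, expected $pin" >&2; return 1; }
}

# run_pinned <repo-url> <full-commit-sha> <dest-dir> <script> [interpreter]
# Executes <script> from the checkout only after fetch_pinned succeeded.
# Interpreter defaults to python3, matching the finding; the fixture uses sh.
run_pinned() {
  fetch_pinned "$1" "$2" "$3" || return 1
  "${5:-python3}" "$3/$4"
}

# make_fixture <dir>: constructed stand-in for the upstream repository.
# Commit 1 is the version that was reviewed; commit 2 is a later, unreviewed
# change (what a compromised upstream would push). Prints the SHA of commit 1.
make_fixture() {
  d="$1"
  git init --quiet "$d"
  printf 'echo reviewed-v1\n' > "$d/run.sh"
  git -C "$d" add run.sh
  git -C "$d" -c user.name=fixture -c user.email=fixture@example.invalid \
    commit --quiet -m 'v1 (reviewed)'
  reviewed=$(git -C "$d" rev-parse HEAD)
  printf 'echo unreviewed-v2\n' > "$d/run.sh"
  git -C "$d" -c user.name=fixture -c user.email=fixture@example.invalid \
    commit --quiet -am 'v2 (unreviewed)'
  printf '%s\n' "$reviewed"
}

# demo: clone the fixture at the reviewed SHA and run the script. Prints
# "reviewed-v1" even though upstream HEAD has already moved on to v2.
demo() {
  tmp=$(mktemp -d)
  reviewed_sha=$(make_fixture "$tmp/upstream")
  run_pinned "$tmp/upstream" "$reviewed_sha" "$tmp/checkout" run.sh sh
  rm -rf "$tmp"
}

demo
```

The wrapper does not replace reviewing the pinned commit itself; it only guarantees that what runs is the commit that was reviewed, and that a later push to the upstream branch cannot silently change it. Rotating to a new version means reading the diff and updating the pinned SHA deliberately.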

VirusTotal

63/63 vendors flagged this skill as clean.
