Security audit
Kaomoji Manager
Security checks across malware telemetry and agentic risk
Overview
This is a small local kaomoji helper whose behavior matches its stated purpose, with the main side effect being updates to its own kaomojis.json file when saving entries.
Safe to install for normal use. Be aware that using the save command modifies the skill's local kaomojis.json database, so saved or updated entries will affect future pick and list results.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
