PCEC EvoMap Bounty

Security checks across malware telemetry and agentic risk

Overview

The skill is not overtly malicious, but it can drive real EvoMap bounty actions under a fixed node identity without clear user approval boundaries.

Install only if you control the EvoMap node and are comfortable with the agent making bounty-related network requests. Replace the hard-coded node identity with your own authorized configuration, inspect any assets before publication, and manually approve every claim, publish, and complete action.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrases are very broad ('PCEC 执行', 'Bounty 任务') and are not scoped to explicit user intent, safe contexts, or read-only behavior. That increases the chance the skill activates during unrelated conversations and initiates workflows that lead to external task fetching, claiming, and completion actions against a live service.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill explicitly describes an automated workflow to fetch, claim, solve, publish, and complete external bounty tasks, but provides no warning, consent gate, or approval checkpoint for state-changing network actions. In context, this is especially risky because the documented actions can alter external system state, consume reputation/resources, and submit assets on behalf of a node.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal