Back to skill

Security audit

Gui Tool

Security checks across malware telemetry and agentic risk

Overview

This skill is a plainly described desktop GUI automation helper, with powerful but disclosed screenshot and input capabilities.

Install only if you want an agent to inspect and control your live desktop. Avoid using it around private windows, secrets, financial actions, or irreversible form submissions unless you are actively supervising the session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill description is broadly phrased to match generic requests like seeing the screen, finding windows, typing, or automating GUI interaction, which increases the chance the agent invokes a high-risk capability in situations where a narrower tool would suffice. Because this tool can both observe screen contents and perform real input actions, overbroad routing materially raises the risk of unintended data exposure or destructive actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill lacks an explicit warning that it can capture screenshots of potentially sensitive on-screen data and inject real mouse and keyboard input into live applications. Users or downstream agents may therefore treat it like a harmless inspection utility, when in fact it can expose secrets, alter files, submit forms, or trigger irreversible actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.