Back to skill

Security audit

Podpoint

Security checks across malware telemetry and agentic risk

Overview

This skill coherently checks public Pod Point charger availability and does not request credentials, local files, persistence, or privileged access.

Install this if you want a lightweight checker for public Pod Point charger status. Only provide pod IDs you are comfortable sending to Pod Point, and use reasonable interval and timeout values in watch mode because it repeatedly contacts the public endpoint until it returns an availability event or times out.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation example "Monitor this Pod Point" is ambiguous because "this" is context-dependent and the phrase is broad enough to match ordinary conversation. The description does not provide exclusion conditions or clearer constraints for when this skill should activate versus other Pod Point-related skills.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.