Langflow

Security checks across malware telemetry and agentic risk

Overview

The available evidence shows a Langflow-related skill with an over-broad activation concern, but no concrete sign of unsafe access, persistence, exfiltration, or destructive behavior.

This appears acceptable to install from a security standpoint. Users should be aware that generic phrases like visual workflow or drag-and-drop AI may activate it unexpectedly, so narrowing the trigger wording to mention Langflow explicitly would reduce confusion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger phrases are very broad and generic, such as references to visual workflows and drag-and-drop AI, which can cause the skill to activate in contexts where the user may not actually be requesting this specific integration. In an agent environment, over-broad activation boundaries can route unrelated user requests into the wrong skill, increasing the chance of unintended actions, incorrect tool use, or prompt-scope confusion.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal