Install structsd

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only installer skill for structsd with visible, purpose-aligned commands, though users should be careful with the Go replacement steps.

Before installing, prefer the prebuilt structsd release if it fits your platform. If building from source, do not run the Go reinstall snippets until you confirm how Go is currently installed, because sudo rm -rf /usr/local/go can remove an existing toolchain. Treat the optional Ignite curl-to-bash step as a separate installer and review it before use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The macOS installation instructions delete /usr/local/go with sudo before reinstalling Go, but unlike the Linux section they do not explicitly warn the user to confirm whether an existing installation should be removed. This creates a realistic risk of destructive system changes or overwriting a managed Go installation on a user's machine.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal