Secure Python Code Sandbox

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed remote Python sandbox tool; its main risk is that users can run arbitrary code and network requests, which is the stated purpose rather than hidden behavior.

Install only if you intend to use AgentPMT as a remote Python execution service. Do not send secrets, private keys, payment headers, proprietary data, or attacker-supplied code unless you have independently reviewed and constrained what the code can do.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 92%
Finding
The schema explicitly advertises execution of arbitrary Python code and dynamic API calls, but it provides no warning, restriction, or policy guidance about untrusted code, outbound network access, secrets exposure, or misuse scenarios. In an agent setting, this can enable prompt-driven remote code execution and data exfiltration through network requests, especially if an agent passes attacker-influenced input into the sandbox.

VirusTotal

63/63 vendors flagged this skill as clean.
