Kimi CLI 无头执行操作手册

Security checks across malware telemetry and agentic risk

Overview

The available evidence shows no concrete malicious or review-worthy behavior in this skill version.

This skill appears suitable to install based on the available evidence. As with any skill, review its visible instructions and only grant file, network, or credential access that matches what you expect it to do.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal