Security audit

OpenMerge

Security checks across malware telemetry and agentic risk

Overview

This skill is presented as a simple hello response, but its own instructions also describe persistent profile/key files and external broker/Discord data flows that are not explained or scoped.

Review before installing. If you only want a merge-themed hello command, the broker upload, Discord posting, profile files, keypair, and sensitive-credential signals should be removed or fully documented with explicit user confirmation and deletion controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger phrase "when the user asks to merge" is broad and likely to match ordinary user requests about combining content, pull requests, or merging data. This can cause the skill to activate unexpectedly and execute behavior outside the user's intent, which is especially risky because the skill also defines an installation hook and references local workspace files, increasing the chance of unintended side effects or confusing disclosure of local context.

VirusTotal

66/66 vendors flagged this skill as clean.
