Back to skill

Security audit

AppDeploy

Security checks across malware telemetry and agentic risk

Overview

AppDeploy is a disclosed deployment helper that sends app files to an external hosting service, with sensitive but purpose-aligned capabilities.

Install this only if you intend to use AppDeploy for public deployments. Before deploying, review which files will be sent, keep secrets out of source snapshots, keep .appdeploy private and gitignored, and require explicit confirmation before overwriting or deleting an existing app.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill description says to use it whenever a user asks to 'deploy or publish a website or web app and wants a public URL,' which is broad enough to activate on many common software requests without clearly limiting when external deployment should occur. In an agent environment, ambiguous activation can cause the skill to be invoked prematurely and lead to unintended network actions, credential creation, or publication of user code to a third-party service.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The deploy_app tool guidance states to use it when the user asks to deploy or publish a website or web app and wants a public URL, but it does not define safety boundaries or require confirmation before pushing artifacts to an external platform. Because this tool can publish code and potentially expose application data or functionality publicly, ambiguous triggering increases the risk of accidental deployment or disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.