pass - stores, retrieves, generates, and synchronizes passwords securely

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only guide for the pass password manager; it handles sensitive password workflows, but the commands are disclosed, user-directed, and aligned with that purpose.

Install only if you want a CLI guide for pass. Review third-party extensions before cloning them, avoid sharing decrypted output or private-key files with an agent, protect exported vault files, and double-check entry paths before using recursive delete or force overwrite commands.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger text is overly broad because it ends with a catch-all phrase like 'or any variation,' which can cause the skill to activate for loosely related requests. In an agent setting, over-triggering can route unrelated user prompts into a password-management workflow, increasing the chance of inappropriate sensitive guidance or unintended command suggestions.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: This section documents destructive commands such as recursive removal and force flags without an explicit warning that these actions can permanently delete secrets from the password store and associated git history. In a security-sensitive skill about credential storage, omission of safety guidance materially increases the risk of accidental loss of passwords or metadata.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal