temporal-cortex-datetime
Security checks across malware telemetry and agentic risk
Overview
This is a focused offline datetime utility with a disclosed native-binary install path and no evidence of hidden data access or destructive behavior.
Reasonable to install if you accept the normal risk of an npm package that installs a native binary. For extra assurance, inspect the npm package before install, independently verify the GitHub release checksum, or use the documented Docker mode with networking disabled.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.