Back to skill

Security audit

Tar

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local tar archive helper, but users should be careful when extracting archives from untrusted sources.

Install only if you need local tar archive operations. List or verify unfamiliar archives before extracting, extract untrusted archives into a fresh temporary directory, and avoid extracting unknown archives inside sensitive folders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
81% confidence
Finding
The description uses broad invocation language such as 'use when scanning contents, monitoring sizes, reporting results, alerting corruption' without clearly limiting when destructive or filesystem-modifying commands should be used. In agent settings, vague triggers can cause the skill to be selected in contexts where extraction, creation, or modification is unnecessary, increasing the chance of unintended file access or writes.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation presents `extract`, `create`, and `add` as routine commands without warning that they write files or modify archives. In an autonomous or semi-autonomous agent environment, missing mutation warnings can lead to accidental filesystem changes, unsafe extraction of untrusted archives, or unintended overwriting of local data.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
`cmd_extract` extracts arbitrary tar archives directly to disk with `tar -x... -C "$outdir"` and performs no validation of archive member paths, symlinks, or special files before writing. A malicious archive can overwrite files within the chosen destination tree, place dangerous symlinks, or exploit path traversal/unsafe extraction behaviors depending on tar implementation and runtime context; the lack of any warning increases the chance of unsafe use on untrusted input.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.