Back to skill

Security audit

Env Config

Security checks across malware telemetry and agentic risk

Overview

This is a local .env helper with no evidence of exfiltration or destructive behavior, but users should not treat its Base64 feature as real encryption and should be aware one helper writes local history/data files.

Install only if you are comfortable with local shell helpers reading .env files. Do not use the Base64 encrypt command to protect production secrets, avoid passing secrets as command arguments, and review or delete ~/.local/share/env-config if you use the generic env-config helper.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The script exposes a command named 'encrypt' but only performs Base64 encoding, which provides no confidentiality and is trivially reversible. Users may mistakenly store or share sensitive .env contents believing they are protected, causing secret exposure if the output is leaked or committed.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The add command writes arbitrary user-supplied content directly into a persistent local file without any notice, consent prompt, or data-handling explanation. In a skill context, this can cause users to unknowingly store sensitive data such as tokens, credentials, or personal information on disk, where it may later be exposed to other local users, backups, or support tooling.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The _log helper silently records command activity and arguments to history.log for nearly every operation, creating an undisclosed audit trail of user actions. If users pass sensitive values as arguments, those values may be persisted unintentionally and later exposed through filesystem access, backups, log collection, or forensic review.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.