Security audit

Tire

Security checks across malware telemetry and agentic risk

Overview

This is a local command-line logger with confusing Tire branding; it stores what you type on your machine but shows no network transfer or credential access.

Install only if you want a simple local history logger and are comfortable with entries being saved under `~/.local/share/tire`. Avoid entering passwords, tokens, private account details, or sensitive personal information, and verify the CLI install path because the artifact does not clearly define installation behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (9)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The manifest advertises a narrow tire-focused assistant, while the body describes a broad home-management and multi-command tracking tool. This discrepancy increases the risk of deceptive activation and misuse, because users may grant trust or provide inputs based on the claimed limited purpose when the actual documented behavior is much broader.

Description-Behavior Mismatch

High
Confidence: 96%
Finding
The script's declared behavior does not match the skill's stated tire-assistant purpose: it is a generic activity logger with broad commands and local persistence. This kind of capability mismatch is dangerous because it can mislead users into supplying unrelated sensitive data under a benign-seeming domain label, reducing informed consent and trust boundaries.

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The export and search features enable broad retrieval and replication of previously logged user inputs, but these capabilities are not justified by the stated tire-assistant use case. In context, this increases the risk that sensitive user-provided content is stored, indexed, and resurfaced without clear need or expectation.

Intent-Code Divergence

Medium
Confidence: 90%
Finding
The inline comments explicitly describe a generic utility toolkit, which contradicts the manifest's tire-assistant framing. While not an exploit by itself, this discrepancy is a meaningful security signal because it suggests deceptive packaging or poor disclosure around the tool's real functionality.

Vague Triggers

Medium
Confidence: 88%
Finding
The phrase 'Use when you need tire' is too vague to provide safe activation boundaries. Ambiguous invocation guidance can cause the skill to be selected in inappropriate contexts, especially given that the rest of the document describes broad generic logging and management capabilities unrelated to tires.

Vague Triggers

Medium
Confidence: 89%
Finding
The README broadens the skill to 'all your home management needs from the command line,' which is far wider than the manifest suggests. Overbroad scope language is risky because it encourages invocation for unrelated tasks and normalizes broad collection of arbitrary user input under a misleadingly narrow skill identity.

Missing User Warnings

Medium
Confidence: 97%
Finding
These command handlers persist arbitrary user-provided arguments directly to local log files, but the help text does not clearly warn users that their inputs will be retained. This is dangerous because users may enter confidential or personal data assuming transient processing, only for it to be stored and later exposed through other commands.

Missing User Warnings

Medium
Confidence: 95%
Finding
The export function aggregates prior logs into JSON, CSV, or text files, effectively duplicating potentially sensitive historical inputs into additional files without clear warning. This increases exposure by broadening the footprint of collected data and making accidental disclosure or secondary sharing more likely.

Ssd 3

Medium
Confidence: 98%
Finding
The tool persistently stores arbitrary inputs across many commands and later exposes that data through search, recent, status, and export functions. In the context of a mislabeled 'personal tire assistant,' this creates a privacy and data exposure risk because the capability set encourages broad collection and easy resurfacing of user-entered content unrelated to tires.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.