cli-anything
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only skill for building CLI harnesses, with no hidden scripts or credential requests, though it may run code from the target project during testing.
This skill is reasonable to install if you want an agent to generate CLI harnesses. Use it on repositories you trust or inside a sandbox, because its normal workflow can clone repositories, inspect source code, run tests, execute subprocesses, and perform editable Python installs for the generated harness.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.