Boof

Security checks across malware telemetry and agentic risk

Overview

Boof has a legitimate local document-processing purpose, but its script has an artifact-backed path-injection flaw and can index more markdown files than a user may expect.

Review before installing. Use only trusted files with simple filenames, use a dedicated output directory, and avoid processing untrusted documents or unusual paths until the script is fixed to pass paths safely and index only the intended file. No artifact-backed evidence of intentional exfiltration or destructive behavior was found.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The skill description contains broad trigger phrases such as read/analyze/summarize a PDF, process a document, and extract information, which can cause the agent to invoke this skill for generic analysis requests outside a narrowly scoped document-processing workflow. That increases the chance of inappropriate tool selection, unnecessary local file access, and unintended ingestion or indexing of sensitive documents when a simpler or safer response path would suffice.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal