Build ROSE tools using a container

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal Docker-based ROSE compiler setup guide, with the main caution that its container can write to the current project directory when bind-mounted.

Install only if you are comfortable running Docker commands for a compiler toolchain. Treat the mounted project directory as writable from inside the container; use a disposable checkout, a narrower mount, or a read-only mount when you only need analysis and not build outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill instructs users to run a container with `-v $(pwd):/work`, which gives the container read/write access to the current host workspace. Because the skill does not warn that processes inside the container can modify or overwrite host files, users may treat the container as isolated when it is not. In this context, the risk is real because the container is explicitly used to build and run arbitrary analysis tools against user code, so containerized commands can affect host project contents.
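The two points above (the finding that `-v $(pwd):/work` hands the container a writable view of the host checkout, and the overview's advice to use a read-only or narrower mount) can be turned into a quick check and a safer wrapper. The following shell snippet is an added example, not part of the skill or the ROSE project: `writable_mounts` lists every `-v`/`--volume` mount in a `docker run` command that is not marked `:ro`, and `rose_docker_args` prints a hardened command in which the source tree is read-only and build or scratch output goes somewhere else. The image name `rose:latest`, the `/work`, `/out` and `/scratch` paths, the `rose-scratch` volume name and the `ROSE_OUT` variable are assumptions for the example; substitute the names the skill actually uses, and note that an out-of-tree build (outputs under `/out`, not `/work`) is assumed for build mode.

```shell
#!/bin/sh
# Added example (not from the skill or the ROSE project).

# writable_mounts CMD
#   Print every -v/--volume mount in a docker run command that lacks the
#   :ro option, i.e. every mount the container can write to. Named volumes
#   are listed too because they are also writable; --mount syntax is not
#   parsed. Tokens are split on spaces, so quote the whole command.
writable_mounts() {
  printf '%s\n' "$1" | tr ' ' '\n' | awk '
    prev == "-v" || prev == "--volume" { if ($0 !~ /:ro(,|$)/) print }
    { prev = $0 }'
}

# rose_docker_args MODE SRC_DIR [IMAGE]
#   Print a docker run command that mounts SRC_DIR read-only at /work (an
#   assumed path), runs as the invoking user so nothing ends up root-owned,
#   drops capabilities and forbids privilege gain. Append the tool
#   invocation and run the printed command.
#     analyze : no network; a named volume for scratch files only
#     build   : a separate host directory (ROSE_OUT, default SRC_DIR/.rose-out)
#               mounted at /out for build products; the source stays read-only
rose_docker_args() {
  mode=$1; src=$2; image=${3:-rose:latest}   # rose:latest is an assumed image name
  case $mode in
    analyze) extra="--network none -v rose-scratch:/scratch" ;;
    build)   extra="-v ${ROSE_OUT:-$src/.rose-out}:/out" ;;
    *) echo "usage: rose_docker_args analyze|build SRC_DIR [IMAGE]" >&2; return 2 ;;
  esac
  printf 'docker run --rm -it --user %s:%s --cap-drop=ALL --security-opt no-new-privileges -v %s:/work:ro -w /work %s %s\n' \
    "$(id -u)" "$(id -g)" "$src" "$extra" "$image"
}
```

Running `writable_mounts 'docker run --rm -v $(pwd):/work rose:latest'` on the command the skill gives prints `$(pwd):/work`, which is exactly the host path the finding is about. `rose_docker_args analyze "$PWD"` prints a command where that same mount ends in `:ro`; for a build, the only writable host path is the one you chose via `ROSE_OUT`, which is the narrower mount the overview recommends.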

VirusTotal

66/66 vendors flagged this skill as clean.
