Openapi
Security checks across malware telemetry and agentic risk
Overview
This skill appears low-risk to the device, but it is advertised as an OpenAPI reference while its bundled script mostly prints generic placeholder devtools advice.
Review before installing if you expect reliable OpenAPI guidance. The skill does not appear to access sensitive data or modify the system, but its advice is generic enough that an agent or developer could mistake placeholder content for real OpenAPI reference material.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.