Security audit

Openforge

Security checks across malware telemetry and agentic risk

Overview

OpenForge is a transparent PRD-driven coding orchestrator, but users should treat its PRDs and gate commands like executable code.

Install only if you are comfortable letting a PRD-guided agent edit your workspace and run reviewed build, test, or lint commands. Use trusted PRDs, keep secrets out of PRD text, review every Gate command carefully, avoid Shell-Gate unless necessary, and prefer a clean branch or disposable workspace for higher-risk changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 88% confidence
Finding: The quick reference advertises control modes like dry-run, single-phase execution, and skip behavior without defining mandatory enforcement in the execution protocol. In a skill that can spawn sub-agents and run gate commands, ambiguous operator controls can cause unintended real execution when a user believes they are only planning or selectively running phases, increasing the risk of unsafe command execution from PRD content.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.