Back to skill

Security audit

Openforge

Security checks across malware telemetry and agentic risk

Overview

OpenForge is a transparent PRD-driven coding orchestrator, but users should treat its PRDs and gate commands like executable code.

Install only if you are comfortable letting a PRD-guided agent edit your workspace and run reviewed build, test, or lint commands. Use trusted PRDs, keep secrets out of PRD text, review every Gate command carefully, avoid Shell-Gate unless necessary, and prefer a clean branch or disposable workspace for higher-risk changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The quick reference advertises control modes like dry-run, single-phase execution, and skip behavior without defining mandatory enforcement in the execution protocol. In a skill that can spawn sub-agents and run gate commands, ambiguous operator controls can cause unintended real execution when a user believes they are only planning or selectively running phases, increasing the risk of unsafe command execution from PRD content.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.