Bitwarden Credential

Security checks across malware telemetry and agentic risk

Overview

This Bitwarden helper appears purpose-aligned, but it asks for vault session access in a way users should review carefully before installing.

Install only if you are comfortable reviewing and changing the workflow so BW_SESSION stays local. Prefer exporting the session key in your own terminal and letting the script consume it locally; do not paste Bitwarden session keys into chat, prompts, logs, or shared transcripts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 82%
Finding
The trigger phrases are broad enough that normal requests like 'save password' or 'store credential' could invoke this skill outside a clearly Bitwarden-scoped intent. In a credential-handling skill, overbroad activation is risky because it may cause sensitive secrets to be routed into shell/CLI handling unexpectedly, increasing the chance of accidental disclosure, improper storage, or unsafe execution context.

Missing User Warnings

Medium
Confidence: 98%
Finding
The script explicitly tells the user to provide the Bitwarden session key to the assistant, but that session key is effectively a bearer token granting access to the user's unlocked vault. Exposing it to an assistant or intermediary expands the trust boundary and can enable unauthorized vault actions, secret retrieval, or persistence of credentials beyond the user's intent.

Ssd 3

High
Confidence: 99%
Finding
This is a direct secret-delegation flaw: the script asks the user to disclose their Bitwarden session key so the assistant can operate on the user's vault. A Bitwarden session token can authorize creation, modification, and potentially retrieval of vault items, so sharing it gives the assistant or any system handling the conversation the user's vault privileges for the session duration.

VirusTotal

40/40 vendors flagged this skill as clean.
