Security audit

Tar Tool

Security checks across malware telemetry and agentic risk

Overview

This tar utility has a coherent purpose, but its extract command can overwrite files unexpectedly when given a crafted archive.

Install only if you will use it on archives you trust or inside an empty disposable working directory. Avoid using this version for downloaded or user-supplied tar files until it validates archive paths, rejects unsafe links and special files, and extracts into an explicit user-approved destination.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 82%
Finding: The skill describes creating and extracting tar archives, which inherently implies writing files to disk during archive creation or extraction. Because no permissions are declared, there is a mismatch between documented behavior and the security model, which can lead to unauthorized file creation or overwrite if the agent executes the skill without explicit file-write approval.

Missing User Warnings

Medium
Confidence: 98%
Finding: The extraction path uses tarfile.extractall() on an untrusted archive without validating member paths. This can enable path traversal (for example via ../ paths or absolute paths) and overwrite arbitrary files on the host, making this substantially more dangerous than a mere lack of user notice.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.