Back to skill

Security audit

Yes Tool

Security checks across malware telemetry and agentic risk

Overview

This is a small yes-style output helper, but its documentation encourages unattended approval of risky commands and claims safeguards the script does not implement.

Install only after reviewing the documentation and understanding that this is not a safe automation controller. Do not pipe it into deletion, package management, account changes, legal-consent, privileged, or irreversible commands unless the exact prompts and consequences have been reviewed, and do not rely on the documented --count, --sleep, --hex, --json, or no-newline options unless the implementation is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill explicitly markets automatic confirmation for prompts, form inputs, and unattended execution without any safety framing. In a general-purpose agent/tool catalog, encouraging blind confirmation can cause users or downstream agents to approve destructive, privileged, or irreversible actions they did not review.

Missing User Warnings

High
Confidence
97% confidence
Finding
The example pipes automatic affirmative input into package installation, normalizing blind approval of privileged system changes. This increases the chance of unintended package actions, license acceptance, service enablement, or installation of unreviewed dependencies in automated contexts.

Missing User Warnings

Critical
Confidence
99% confidence
Finding
This example combines an auto-confirmation tool with a destructive deletion command, effectively endorsing unattended approval in a context where mistakes can lead to irreversible data loss. Even if the shell pipeline is technically questionable, the documentation still conveys a dangerous pattern that could be adapted by users or agents into actually destructive command sequences.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
Piping unattended input into a configuration script can silently accept defaults or options that alter build behavior, install paths, network settings, or optional components. While less immediately destructive than deletion, it still promotes unreviewed automation of potentially impactful system or build changes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.