Whoami Tool

Security checks across malware telemetry and agentic risk

Overview

The skill is tiny and does not steal data, but its documentation advertises security-relevant identity checks that the included script does not implement.

Install only if you need a very simple print of the USER environment variable. Do not rely on this skill for effective-user checks, root detection, UID/GID/group checks, JSON output, or access-control decisions unless the implementation is corrected.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal