x-cmd

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed x-cmd shell/package-management helper that changes PATH and installs local tools as part of its stated purpose.

Install this only if you want x-cmd managing local CLI tools. Prefer Homebrew or a reviewed installer, avoid curl-to-shell in sensitive environments, and approve package installs deliberately because loaded x-cmd paths can change which executables your shell runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly tells users to source `. ~/.x-cmd.root/X`, which executes shell code in the current session and changes PATH/environment state persistently for that shell. Because this action runs arbitrary local startup logic without any warning about trust, side effects, or how it alters command resolution, users may unknowingly expose themselves to execution of compromised or unexpected code.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill promotes commands like `x env use <pkg>` and `x pixi use <pkg>` as instant package installation without clearly warning that they download and install software. In an agent-facing context, this lowers friction for executing unreviewed third-party code and may lead to supply-chain compromise or unintended system changes, even if installation is user-local.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal