Authy
Security checks across malware telemetry and agentic risk
Overview
This skill transparently helps run user-chosen commands with injected secrets, so it is sensitive but coherent and disclosed.
Install only if you trust the `authy` binary on your PATH and intend to let the agent run selected commands with scoped secrets. Use narrow policies, avoid unreviewed scripts or network commands, and do not allow wrapped commands to print, log, or write secret environment variables.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.