Factory

Security checks across malware telemetry and agentic risk

Overview

This is a coherent bulk installer, but it can broadly modify multiple agent environments and add persistent/plugin/MCP behavior with limited scoping guidance.

Install only if you intentionally want a large toolkit added across your AI tools. Prefer a scoped install path in which you can:
  • choose the target agent rather than installing into every agent environment at once;
  • inspect the referenced GitHub/plugin contents before they run;
  • skip MCP unless you need local code/session search;
  • obtain uninstall or disable steps for hooks, agents, and auto-start services before using the plugin path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The skill instructs users to execute a remote installation script via a shell pipe (`curl ... | sh`) without any integrity verification, version pinning, or explicit safety warning. This is dangerous because a compromised host, a man-in-the-middle on the download, or an unexpected change to the script could lead to arbitrary code execution on the user's machine during setup.

VirusTotal

66/66 vendors flagged this skill as clean.