Back to skill

Security audit

Nodetool

Security checks across malware telemetry and agentic risk

Overview

Nodetool is a coherent local AI workflow builder skill, but its installer examples use risky remote script execution that users should review before running.

Install only if you trust the Nodetool publisher and upstream GitHub repository. Prefer downloading the installer first, reviewing it, and using a pinned release or checksum if available; avoid silent installation unless you control the environment. Do not put real auth tokens in shell history or logs, and confirm before showing secrets, binding servers to public interfaces, running proxy daemons, syncing data, or applying/destroying cloud deployments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documentation recommends piping remote shell and PowerShell installer scripts directly into execution (`curl | bash`, `irm ... | iex`) and also highlights non-interactive modes that suppress prompts. This is dangerous because it encourages users or agents to execute unreviewed network-fetched code with immediate system effects, increasing supply-chain and remote code execution risk if the upstream source, transport, or repository is compromised.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.