Back to skill

Security audit

OpenGemini CLI

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent helper for using the local Gemini CLI, with the main risk being that file-review commands send chosen file contents to Gemini.

Install and authenticate the official Gemini CLI yourself, verify `which gemini` points to the binary you expect, and do not use the review helper on secrets, credentials, private source code, or personal data you would not want processed by Gemini. Treat Gemini output as advice to review before applying edits or running commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script reads the entire specified local file and embeds its contents directly into a prompt sent to the external `gemini` CLI, with no confirmation, warning, redaction, or scope restriction. In this skill's context, the behavior is especially risky because the advertised purpose is to review arbitrary local files via another model, which can easily expose secrets, proprietary code, credentials, or personal data to an external service.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.