Back to skill

Security audit

Pi Coding Specialist

Security checks across malware telemetry and agentic risk

Overview

This skill fits its stated coding-agent purpose, but it asks users to install and run an external coding agent with broad project access and background execution without enough containment guidance.

Install only if you trust the Pi CLI package and are comfortable letting it operate inside your repositories. Prefer an isolated branch, worktree, or container; approve each run explicitly; avoid repositories with secrets; set a timeout; monitor background sessions; and review all generated diffs before integrating changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly instructs spawning and running a coding sub-agent in a project workdir, including background execution, but does not warn that the agent may modify repository files, execute additional tooling, or continue running asynchronously after the caller moves on. In an agentic environment, this omission can lead to unintended code changes, persistence of long-lived processes, and reduced operator awareness of side effects, which increases the chance of unsafe or unauthorized actions.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.