Supernal Coding CLI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed developer workflow CLI skill, but users should be careful with its autonomous execution and scheduled cleanup examples.

Install only if you trust the npm package publisher. Run autonomous ralph loops, git automation, sc init, know tidy --fix, and any cron or heartbeat setup only in the intended repository, after reviewing what files and task state those commands may change.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill documents autonomous execution via `sc ralph execute ... --max-iterations 10` without any warning that it may modify the repository, create files, run commands, or make repeated changes over multiple iterations. In an agent context, this can normalize unattended execution and lead to unintended code, config, or workflow changes without user confirmation or review checkpoints.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The documented `know tidy --fix` and `know reindex` commands perform workspace modifications, but the skill presents them as routine hygiene steps without warning that they can rewrite metadata, move files, or alter repository state. In agent-assisted environments, this increases the risk of silent or poorly understood mass changes to project content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal