RamaLama CLI

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward guide for using the Ramalama CLI, with one practical caution around local API serving exposure.

Install only if you intend to use Ramalama from the command line. When using the serve workflow, bind to localhost unless you explicitly want remote access, avoid sending sensitive prompts on shared or untrusted networks, and stop the server when you are done.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill recommends `ramalama serve <model>` and discusses serving an OpenAI-compatible endpoint, but it does not warn that exposing a local inference API can unintentionally make model access or submitted prompts available to other local users or network peers, depending on bind defaults and container/runtime configuration. In a skill specifically about running agents and serving models, omission of exposure guidance materially increases the chance of accidental service exposure.

VirusTotal

64/64 vendors flagged this skill as clean.