
Security audit

MALP

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only local project context tracker that writes disclosed `.malp` metadata when the user asks it to track a path.

Before installing, understand that using the skill can create `.malp/` folders in paths you name and maintain an index under `~/.malp-home/`. Do not put secrets in these notes, and decide whether `.malp/` files should be ignored by git or intentionally tracked.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly instructs the agent to create a `.malp` directory under a user-specified path, write multiple files there, and update `~/.malp-home/MAP.txt`. Although this is framed as intended functionality, it authorizes persistent filesystem modification across arbitrary locations without requiring a separate confirmation step or a clear user-facing warning about the scope of writes, which creates a risk of unintended or unsafe file changes.

VirusTotal

63/63 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.