Karakeep

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Karakeep bookmark-management skill, with the main caveat that it stores a Karakeep API key locally in plaintext.

Before installing, confirm you trust the Karakeep instance URL you configure, prefer environment variables or a protected credential store if available, and restrict permissions on ~/.config/karakeep/config.json if you use login-based storage.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The login command persists the API key in plaintext under ~/.config/karakeep/config.json without setting restrictive file permissions or warning the user that a bearer token is being stored locally. On multi-user systems or in environments with weak home-directory protections, another local process or user could recover the token and gain access to the user's Karakeep instance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal