bool-cli
Security checks across malware telemetry and agentic risk
Overview
The skill is a coherent Bool.com deployment helper, but it tells agents to bypass deletion confirmation for hosted projects without requiring separate user approval.
Install only if you are comfortable giving the Bool CLI authority to manage hosted Bool.com projects. Before deploying, use a curated project or build directory and review exclusions for private files. Require explicit confirmation of the exact Bool slug before any delete or visibility-changing command, even though the skill suggests using `-y` for non-interactive deletion.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.