🪢 Agentspace — See what your dev agent is doing, from anywhere

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed dev-workspace sharing helper, but users should be careful because it uploads the chosen folder to a third-party service and can create share links.

Before installing, confirm you are comfortable uploading the selected development folder to agentspace.so. Use the narrowest path possible, prefer view-only links unless edit access is needed, avoid sharing secrets or proprietary files, and treat .ascli.json claim tokens like access tokens. Consider pinning or reviewing the npm package before running the @latest command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers (Medium, 87% confidence)

Finding: The skill advertises broad trigger phrases and ends with a catch-all condition like 'any dev-time observability need,' which increases the chance of accidental activation outside the user's precise intent. Because this skill can expose live development folders and generated artifacts via a shareable URL, overbroad triggering can lead to unintended data exposure or sharing of sensitive project contents.

Missing User Warnings (Medium, 92% confidence)

Finding: The skill prominently encourages exposing a live dev folder and opening a URL to review evolving files, logs, build artifacts, and outputs, but the user-facing description does not foreground the privacy and data-exposure risks at the point of use. In this context, development folders often contain secrets, internal code, logs, tokens, screenshots, or other sensitive artifacts, so insufficient warning materially increases the risk of accidental disclosure.

Missing User Warnings (Medium, 83% confidence)

Finding: The documentation explicitly instructs users to create workspace- or file-scoped share links with view or edit permissions, but it does not warn that these links can expose agent-generated code, logs, artifacts, or even permit modification of a live dev workspace. In this skill's context, the workspace is meant to expose an evolving agent folder remotely, so undocumented sharing semantics materially increase the risk of accidental data exposure or unauthorized edits.

Missing User Warnings (Medium, 85% confidence)

Finding: Documenting agent-to-agent handoff without warning about the transfer of session context and access is dangerous because a handoff may implicitly grant another agent visibility into the live workspace, generated files, logs, and potentially active credentials or claim tokens. Given this product is specifically designed for dev-session observability and handoff, omission of access-boundary warnings can lead to overbroad delegation and unintended disclosure across agents or operators.

VirusTotal

65/65 vendors flagged this skill as clean.
