
Security audit

Keeper Commander

Security checks across malware telemetry and agentic risk

Overview

This skill provides Keeper CLI workflow guidance for secrets and admin tasks, with the sensitive access clearly disclosed and bounded by user-confirmation and anti-leak guardrails.

Install only if you intend to let your agent help with Keeper Commander or Keeper Secrets Manager workflows. Because this can touch vault metadata, secrets, sessions, and record updates, supervise commands involving secret reads or record changes, prefer injection over displaying secrets, and confirm that tmux sessions are closed when work is complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 91%
Finding
The description lists a wide range of activities such as installing tooling, signing in, searching data, retrieving secrets, updating records, and troubleshooting, but does not define clear scope limits or exclusion conditions. For a markdown skill file, this creates an ambiguous trigger surface that could cause the skill to activate for general Keeper-related conversation rather than narrowly scoped requests.

VirusTotal

62/62 vendors flagged this skill as clean.
