🛡️ Credential Vault / 凭证保险箱

Security checks across malware telemetry and agentic risk

Overview

The skill appears to disclose a real but purpose-aligned temporary plaintext handling risk, with no evidence of hidden collection or exfiltration.

Install only if you are comfortable with the tool briefly writing plaintext secret material to local disk during encryption or saving. For highly sensitive secrets, use a RAM-backed temp directory, a dedicated secrets manager, or another workflow that avoids plaintext-on-disk exposure.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Session Persistence

Medium

Category: Rogue Agent
Content: - Created with `mkstemp` + `fchmod 600` (owner-only read/write) / 使用 `mkstemp` + `fchmod 600` 创建（仅所有者可读写） - Exists for milliseconds (only during GPG subprocess execution) / 仅存在毫秒级（GPG 子进程执行期间） - Securely deleted: zero-overwrite → fsync → unlink / 安全删除：零覆写 → fsync → unlink - **Risk / 风险**: on some systems, temp file contents may be recoverable from disk. For higher security, use a tmpfs/ramfs mount or a dedicated secrets manager. 在某些系统上，临时文件内容可能可从磁盘恢复。如需更高安全性，请使用 tmpfs/ramfs 挂载或专用密钥管理器。
Confidence: 89% confidence
Finding: write → fsync → unlink / 安全删除：零覆写 → fsync → unlink - **Risk / 风险**: on some systems, temp file contents may be recoverable from disk. For higher security, use a tmpfs/ramfs mount or a dedicated secret

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal