pandora

Security checks across malware telemetry and agentic risk

Overview

Pandora presents itself as a secure secrets vault, but the included code is only a stub and does not actually implement the promised secret protection.

Treat this as a review-required placeholder, not a production secrets vault. Do not give it real API keys, passwords, or database credentials unless a complete reviewed implementation, secure input handling, backend configuration, and provenance are provided.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

Medium

Confidence: 91% confidence
Finding: The manifest explicitly grants shell execution to a skill whose stated purpose is secrets and configuration vault management. That combination is dangerous because any compromise, misuse, or overly broad implementation can execute arbitrary commands in an environment that likely has access to sensitive credentials, increasing the risk of exfiltration, tampering, or destructive system actions.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal