Comanda

Security checks across malware telemetry and agentic risk

Overview

Comanda is a coherent workflow-orchestration skill, but users should treat its workflows like executable automation because they can call models, run allowed shell tools, read or write files, and persist indexes or loop output.

Install only if you trust the external comanda CLI and the workflows you run. Review generated YAML before using `comanda process`, keep tool allowlists narrow, avoid untrusted shell-enabled workflows, scope provider API keys where possible, and be careful when indexing private repositories or running long agentic loops.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly encourages users to run `comanda process` workflows and describes shell-based tool steps, but it does not prominently warn that workflows may execute local commands, read/write files, and affect the host environment. In a skill that helps generate and execute YAML pipelines from natural language, this omission is risky because users may run unreviewed or model-generated workflows with local side effects.

VirusTotal

64/64 vendors flagged this skill as clean.
