
Security audit

Vorim AI — Agent Identity & Trust

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Vorim identity, permission-checking, and audit-logging integration, but users should understand it sends agent activity metadata to an external service and keeps a persistent agent identity.

Install only if you trust Vorim and the @vorim/mcp-server package. Use a scoped API key where possible, keep the key out of source control and logs, avoid placing private file names or sensitive content in audit event fields, and require explicit user approval before granting permissions, delegating credentials, requesting tokens, or making financial/external actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 86%
Finding:
The README states that on first use the agent will automatically register itself with Vorim and persist an agent ID, but it does not clearly warn that this causes an external network action and local state to be stored. In an agent skill context, silent outbound registration and persistence can surprise users, leak metadata, and create unintended durable identity state across runs or workspaces.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The skill directs the agent to emit an audit event after every action, which implies routine transmission of action metadata to the external Vorim service. Because the skill does not require user notice, consent, minimization, or redaction, sensitive operational details could be disclosed off-platform, including file names, actions performed, or other contextual data tied to user activity.

Missing User Warnings

Severity: Low
Confidence: 76%
Finding:
The setup section shows use of a live API key format and instructs users to place it in an environment variable without any guidance on secure storage, rotation, least privilege, or avoiding disclosure in logs and shell history. This increases the chance of accidental credential exposure during setup or debugging, which could enable unauthorized access to the Vorim account.

VirusTotal

64/64 vendors flagged this skill as clean.


Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Severity: Critical
Code: suspicious.exposed_secret_literal
Location: README.md:26

File appears to expose a hardcoded API secret or token.

Severity: Critical
Code: suspicious.exposed_secret_literal
Location: SKILL.md:31