Security audit

Software Installation Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a software-installation helper that clearly warns about remote installer risk and requires user consent before installation.

Before installing, prefer Homebrew or manually review the downloaded script. Avoid the automatic curl-to-shell method on sensitive machines unless you explicitly accept the supply-chain risk, and check your shell config if you later remove x-cmd.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium (95% confidence)

Finding:
The file is not just informational; it contains agent-operational guidance that explicitly permits the agent to perform installation actions, including paths that fetch and execute remote code. In an agent skill context, this meaningfully increases risk because the content can drive autonomous execution rather than merely informing a human user.

Intent-Code Divergence

Medium (89% confidence)

Finding:
The guide claims there are 'no system modifications,' but later instructs the user to remove shell configuration changes, indicating persistence may be added to startup files. This mismatch can mislead users and agents about installation impact, reducing scrutiny for changes that survive across sessions.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.