Back to skill

Security audit

cli-hub

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate CLI gateway, but it needs review because it can install tools, authenticate to work accounts, and perform broad account-changing actions.

Install only if you need a broad gateway for these enterprise and AI platforms. Prefer pipx or uv over the curl-to-bash installer, authenticate only one provider at a time, and require the agent to show the exact command before sending messages, changing business data, or spending generation credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill description activates on very broad, common intents such as sending messages, managing calendars, documents, meetings, and AI creation, which can cause the agent to invoke this skill in many unrelated situations. Because the skill can install software, authenticate accounts, and run external provider CLIs, overbroad routing increases the chance of unnecessary privileged actions or unintended tool execution.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill includes a convenience installation method that pipes a remotely fetched script directly into bash without any warning or verification step. This is dangerous because any compromise of the source, repository, transport assumptions, or referenced script content would result in immediate arbitrary code execution on the host.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.