team-collaboration

Security checks across malware telemetry and agentic risk

Overview

This localhost team-collaboration skill is mostly coherent, but it documents reusable credentials and gives broad delete and role-management powers that need human review before use.

Install only in a trusted local test setup unless the backend has strong server-side authorization. Rotate or remove the documented admin password and fixed API key, use least-privilege credentials, and require manual approval for deletes and role or permission changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill exposes authentication-related operations but does not warn users about handling passwords, tokens, or API keys as sensitive secrets. In agent contexts, poor secret-handling guidance increases the chance credentials are logged, echoed back to users, stored in prompts, or reused insecurely across sessions.

Ssd 3

High
Confidence: 99%
Finding
The documentation contains reusable secrets in plaintext, including default admin credentials and a fixed agent API key. If these values are valid in any deployed environment, an attacker could authenticate as a privileged user or as an agent, leading to unauthorized access, data manipulation, deletion of projects/tasks/bugs/docs, and possible privilege escalation via role-management actions.

VirusTotal

66/66 vendors flagged this skill as clean.
