Back to skill

Security audit

Karma Project Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Karma API helper for project and grant management, with real account-backed actions that users should confirm carefully.

Install this only if you intend to let an agent use your Karma API key for project, grant, payout, or invoice tasks. Use a least-privileged key where possible, keep the key out of chat, and confirm the exact project, grant, network, action, and parameters before any request is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
80% confidence
Finding
The trigger condition includes broad language such as 'any project management action,' which can cause the skill to activate in situations the user did not intend. In an agent environment, overbroad invocation increases the chance of sending authenticated API requests or exposing operational data based on ambiguous user input.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.generated_source_template_injection

User-controlled placeholder is embedded directly into generated source code.

Critical
Code
suspicious.generated_source_template_injection
Location
SKILL.md:19