otta-cli

Security checks across malware telemetry and agentic risk

Overview

This is a coherent instruction-only helper for using an Otta time-tracking CLI, with account-changing actions disclosed and aligned to its purpose.

Install only if you intend to let an agent operate your Otta account through a trusted otta CLI binary. Prefer password-stdin or secret environment handling, verify the API base URL and config/cache paths, and require the agent to show the target worktime record and get your explicit confirmation before update or delete operations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly documents a destructive `otta worktimes delete --id <worktime-id>` command but provides no safety guidance such as requiring explicit user confirmation, showing the target record first, or warning that the action is irreversible. In an agent-driven context, this increases the chance of accidental data deletion from ambiguous prompts or mistaken IDs, especially because the skill encourages end-to-end execution.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal