Ciderbox
Security checks across malware telemetry and agentic risk
Overview
This skill is a documentation-only helper for running local Apple container dev environments and Orchard agent swarms, with sensitive actions disclosed and user-initiated.
Before installing, understand that this skill teaches an agent to use ciderbox to create local container VMs, run commands, sync workspaces, launch OpenClaw agents, and push .orchid.env secrets into running VMs. Use it only for projects where that local container and agent-swarm access is intended, and run the disclosed teardown commands when finished.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.