Security audit
OSV Scanner
Security checks across malware telemetry and agentic risk
Overview
This appears to be a normal vulnerability scanner, but it sends package/version information to Google OSV and can run local package-listing commands when used in OS-scan mode.
Before installing, make sure you are comfortable sharing scanned package names and versions with Google OSV. Run it in a virtual environment, consider pinning the Python dependencies, and use OS-scan mode only on systems you intend to inventory.
VirusTotal
67/67 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
