Security audit

Kiipu

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Kiipu CLI helper that can make real post changes, including deletion and permanent purge, and those powers match its stated purpose.

Install this only if you trust the separate @kiipu/cli package and the machine where it stores Kiipu authentication. Verify the exact post ID before delete or purge, treat purge as permanent, and avoid pasting API keys into shared or logged contexts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly supports delete, restore, and especially purge operations, but it provides no warning that these actions may be destructive or irreversible and does not require confirmation before execution. In an agent context, this increases the risk of accidental data loss because a user request could be interpreted too broadly and immediately translated into a destructive CLI command.

Missing User Warnings

Medium
Confidence: 86%
Finding
The authentication examples include passing an API key directly on the command line, which can expose secrets through shell history, process listings, transcripts, or logs. In a tool-using agent environment, this is more dangerous because credentials may be echoed back, captured in execution traces, or preserved in conversation history.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.