Back to skill

Security audit

Ultrawork — Parallel AI Task Execution

Security checks across malware telemetry and agentic risk

Overview

This skill is meant for parallel coding work, but it can launch multiple autonomous agents and send task details to model backends with limited scoping and safeguards.

Install only if you intentionally want multiple coding agents working at the same time. Use it on trusted repositories, preferably a clean branch or disposable worktree, keep tasks narrow and non-overlapping, inspect package scripts before letting verification run, and avoid prompts containing secrets or proprietary material unless you accept the model-provider exposure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The skill advertises broad natural-language triggers such as 'run in parallel' in addition to explicit command syntax. In agent environments, overly broad invocation phrases can cause accidental activation, leading to unintended parallel execution of tasks and possible transmission of user requests to multiple external model backends without clear consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill routes tasks to named external model backends and launches them in parallel, but the description does not clearly warn users that their task contents may be sent to multiple external services at once. This can increase data exposure, especially if prompts contain sensitive code, credentials, or proprietary information, because parallel fan-out multiplies disclosure risk.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.