Back to skill

Security audit

Agentlens

Security checks across malware telemetry and agentic risk

Overview

AgentLens appears to be a documentation-navigation skill that helps an agent read project structure, with no evidence of code execution, persistence, or data exfiltration.

This looks safe to install for codebase-documentation navigation. As with any skill that guides an agent’s reading workflow, install it only if you want the agent to consult .agentlens documentation in your repositories, and review those project-local docs if they come from an untrusted source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.