Kannaka

Security checks across malware telemetry and agentic risk

Overview

Kannaka is a disclosed memory and swarm command wrapper whose local install, storage, networking, and statusline changes are purpose-aligned and user-invoked.

Install only if you trust the Kannaka release source and are comfortable with persistent local memory, NATS-based swarm networking, a binary in `~/.local/bin`, and optional Claude statusline settings changes. Use `forget` carefully because the artifact does not describe a confirmation or recovery flow for deleted memories.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill instructs the agent to run shell scripts that download and install a binary from GitHub releases and modify local statusline configuration, but it does not explicitly warn the user that these actions make system changes and execute downloaded code. Even with sha256 verification mentioned, this still expands trust to a remote release pipeline and local shell execution, which is risky in an agent context because users may trigger it without understanding the scope of changes.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal