XferOps Forge

Security checks across malware telemetry and agentic risk

Overview

The Forge skill appears purpose-aligned, but it needs review because it runs an npm MCP adapter and uses a Forge API token for actions that can change or delete project data.

Install only if you trust the Forge service, the `@xferops/forge-mcp` npm package, and the publisher. Use a scoped, revocable Forge token, store it only in trusted local config or a secret manager, and require confirmation before destructive actions such as deleting tasks, deleting columns, or changing team membership.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 89% confidence
Finding: This markdown file instructs the user to place `FORGE_TOKEN` in a client config and shows the token field directly, but it does not warn that the value is a sensitive secret that should be protected and not committed, shared, or logged. For markdown files, SQP-2 applies when the skill description omits warnings about behaviors that could affect privacy or system integrity.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal