Back to skill

Security audit

Worktree Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed SSH deployment skill with powerful remote-admin capabilities that match its stated purpose.

Install only if you intend to let the agent manage servers over SSH. Review the server inventory, SSH config usage, target groups, and any install templates before running commands, especially as root or against production groups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This markdown file documents `MYSQL_ROOT_PASS` with a default value of `secret`, which is a credential-related setting. Although the changelog mentions a prior warning on default password, the active documentation here does not explicitly warn users that using the default password is insecure or should be changed before use.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
70% confidence
Finding
Shadow Command Trigger: 'start instance' conflicts with built-in command 'start'

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
70% confidence
Finding
Shadow Command Trigger: 'stop instance' conflicts with built-in command 'stop'

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
70% confidence
Finding
Shadow Command Trigger: 'create worktree' conflicts with built-in command 'create'

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
70% confidence
Finding
Shadow Command Trigger: 'list instances' conflicts with built-in command 'list'

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.