Ragtop Agent

Security checks across malware telemetry and agentic risk

Overview

This RAG helper matches its stated purpose, but it ships with a default private API address that uses plain, unencrypted HTTP. Unless the endpoint is configured explicitly, the bearer token and user queries could be sent in the clear to an unintended internal host.

Install only if you operate or trust the RAGTOP backend. Set RAGTOP_API_URL explicitly to the correct trusted endpoint, preferably HTTPS, and use a scoped RAGTOP_API_TOKEN. Avoid sending secrets, regulated data, or broad internal corpora unless that backend is approved for that data.
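The following pre-flight check is an added example for this page, not code from the Ragtop Agent or the RAGTOP project. It enforces the guidance above (no fallback to a default address, HTTPS only, a trusted backend, a token present) and also covers the "missing user warnings" finding below by refusing to transmit until the operator has recorded that users were told their queries leave the host. Only the names RAGTOP_API_URL and RAGTOP_API_TOKEN come from the page; the trusted-host list, the RAGTOP_USER_NOTICE_ACKNOWLEDGED flag, the `/query` path and the secret-detection patterns are assumptions.

```python
"""Pre-flight checks before a RAG helper forwards a user query to a remote
RAGTOP backend. Illustrative code written for this page; not the agent's own.
Only RAGTOP_API_URL and RAGTOP_API_TOKEN are taken from the page text."""
import re
from urllib.parse import urlparse

# Assumption: the operator lists the backend hosts they run or trust.
TRUSTED_HOSTS = {"ragtop.internal.example.com"}

# Assumption: a flag the operator sets once users have been told that their
# queries, knowledge-base and document selections are sent to the backend.
DISCLOSURE_FLAG = "RAGTOP_USER_NOTICE_ACKNOWLEDGED"

# Constructed heuristics for material that should never ride along in a query.
SECRET_PATTERNS = [
    ("aws_access_key", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("private_key", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
    ("bearer_token", re.compile(r"\b[Bb]earer\s+[A-Za-z0-9._~+/-]{16,}")),
]


def check_config(env):
    """Return a list of problems; an empty list means the backend may be used."""
    problems = []
    url = env.get("RAGTOP_API_URL", "")
    token = env.get("RAGTOP_API_TOKEN", "")
    if not url:
        # Never fall back to a built-in default address.
        problems.append("RAGTOP_API_URL is not set; refusing to use a default address")
        return problems
    parsed = urlparse(url)
    if parsed.scheme != "https":
        problems.append(
            f"RAGTOP_API_URL uses {parsed.scheme or 'no'} scheme; HTTPS is required "
            "so the bearer token and queries are not sent in clear text"
        )
    if parsed.hostname not in TRUSTED_HOSTS:
        problems.append(f"host {parsed.hostname!r} is not a trusted RAGTOP backend")
    if not token:
        problems.append("RAGTOP_API_TOKEN is not set")
    if env.get(DISCLOSURE_FLAG) != "1":
        problems.append(
            f"{DISCLOSURE_FLAG} is not set; users have not been told their queries are forwarded"
        )
    return problems


def check_query(query, env):
    """Return the names of secret-like patterns found in an outgoing query."""
    hits = [name for name, pat in SECRET_PATTERNS if pat.search(query)]
    token = env.get("RAGTOP_API_TOKEN")
    if token and token in query:
        # The agent's own backend token must never appear in the payload body.
        hits.append("ragtop_token_literal")
    return hits


def build_request(query, env):
    """Assemble the outbound request or raise. Nothing is sent from here."""
    problems = check_config(env)
    if problems:
        raise RuntimeError("; ".join(problems))
    hits = check_query(query, env)
    if hits:
        raise RuntimeError("query contains secret-like material: " + ", ".join(hits))
    base = env["RAGTOP_API_URL"].rstrip("/")
    return {
        "url": base + "/query",  # assumed endpoint path
        "headers": {"Authorization": "Bearer " + env["RAGTOP_API_TOKEN"]},
        "json": {"query": query},
    }


if __name__ == "__main__":
    # Constructed sample environments: one misconfigured, one acceptable.
    weak = {"RAGTOP_API_URL": "http://10.0.0.5:8080", "RAGTOP_API_TOKEN": "t" * 20}
    print(check_config(weak))
    good = {
        "RAGTOP_API_URL": "https://ragtop.internal.example.com",
        "RAGTOP_API_TOKEN": "t" * 20,
        DISCLOSURE_FLAG: "1",
    }
    print(build_request("Which knowledge base covers onboarding?", good))
```

The secret patterns are deliberately narrow heuristics; they catch obvious leaks (a cloud access key, a PEM private key, a bearer token pasted into a prompt) but are not a substitute for approving the backend for the data class it will receive.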

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The workflow explicitly instructs the agent to send user-derived queries, knowledge-base selection, and document-selection data to an external RAGTOP backend using an authenticated bearer token, but it provides no requirement for user notice, consent, or data-minimization safeguards. In a RAG/agent context, user prompts may contain sensitive business, personal, or regulated information, so silent transmission to a remote service creates a real privacy and data-governance risk.

VirusTotal

66/66 vendors flagged this skill as clean.
