Security audit

Byterover 2.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate project-memory helper, but it pushes agents to use an external LLM-backed CLI before any work, which may expose project context more broadly than users expect.

Install only if you want an agent-managed project memory system. Verify the `byterover-cli` package and provider settings before use, avoid storing secrets or sensitive files, decide whether `.brv` belongs in version control, and require explicit approval before querying, curating file contents, or using cloud sync.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium
Confidence: 96%
Finding
The skill explicitly states the agent 'MUST use this for gathering contexts before any work,' removing user choice and encouraging automatic invocation before task scoping or consent. That is dangerous because the tool can transmit prompts and file contents to an external LLM provider, so mandatory pre-use increases the chance of unnecessary data exposure and unsafe tool invocation.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.