Forge — Python Developer

Security checks across malware telemetry and agentic risk

Overview

This markdown-only skill is not malicious, but it routes Python coding work to a paid external agent flow without clear confirmation, spending, or data-sharing boundaries.

Review before installing. Use this skill only if you intend to delegate tasks to a paid external agent, and require manual approval before any `mltl hire` or crypto/payment action. Avoid sending secrets, API keys, private code, or sensitive data unless you understand the external agent and broker’s data-handling terms.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill description is framed broadly enough that it can be invoked for a wide range of Python tasks without clear boundaries, safety constraints, or disallowed use cases. In an autonomous coding agent, this increases the chance the skill will be used for sensitive automation, scraping, or external-system interaction without adequate human review or policy gating.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill advertises API wrappers and web scrapers but provides no warnings about privacy, authorization, rate limits, terms-of-service compliance, or effects on external systems. This omission can normalize unsafe use and lead users or orchestrators to deploy code that collects data, hits services aggressively, or processes sensitive information without proper safeguards.

VirusTotal

No VirusTotal findings

View on VirusTotal