Back to skill

Security audit

Edith Augment Code

Security checks across malware telemetry and agentic risk

Overview

This is a transparent wrapper for the Auggie coding CLI; it has normal external coding-agent risks but no evidence of hidden or malicious behavior.

Install Auggie only from the official Augment Code source, use it intentionally, and run it from a scoped repository under version control. Avoid invoking it in projects containing secrets or sensitive proprietary code unless that exposure is acceptable, and review any generated changes before applying them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill is user-invocable and its description says it should trigger whenever the user asks to build, code, debug, analyze, or prototype something, which is extremely broad. In an agent environment, this can cause unintended invocation on routine coding-related requests and route sensitive repository contents or user prompts to the external `auggie` CLI without clear user intent or scope confirmation.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The when-to-use section enumerates very common phrases like 'analyze this codebase', 'fix the auth bug', and 'what's wrong with this approach' without any boundary conditions. Because the skill wraps an agentic external CLI, these broad activation cues increase the chance of accidental activation, unnecessary codebase exposure, and unintended code generation or modification actions in contexts where a simpler local response would be safer.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.