Back to skill

Security audit

tunneling

Security checks across malware telemetry and agentic risk

Overview

This skill clearly does what it advertises: it creates a public tunnel to a local port, which is useful but should be used carefully.

Install only if you intend to make selected local services reachable from the public internet. Before using it, confirm the exact port, avoid private admin or debug interfaces, prefer services with their own authentication, and stop the SSH process when the tunnel is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to create a public SSH reverse tunnel to a local service but does not prominently warn that this exposes the service to the public internet without authentication. In this context, the omission is dangerous because users may unknowingly publish development servers, admin panels, webhook listeners, or other sensitive local endpoints, increasing the risk of unauthorized access and data exposure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.