1password Hardened
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed 1Password CLI helper for handling secrets, with sensitive access that fits its stated purpose and includes relevant safety guardrails.
Install this only if you intend to let your agent help with 1Password CLI workflows. Treat it as sensitive: keep 1Password app approval in your control, avoid exposing secret values in chat or logs, do not use it to send secrets to network commands, and verify any op command before it runs.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.