Wv Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed credential-vault integration, but it should only be installed by users who intentionally want an agent to use vault-managed secrets and run authorized commands with them.

Install only if you trust Wundervault and intend to let your agent use scoped vault credentials for commands, config files, SSH, or deployment tasks. Verify the npm package and onboarding script checksum/signature before running setup, keep grants least-privilege, and enable `.env` injection or Tier 2 secrets only for workflows where you understand the impact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 88%
Finding
The installation flow instructs users to download and execute a remote Python script that decrypts credentials locally, writes secret material to disk, and modifies local agent configuration, but it does not present a clear, explicit security warning before those actions. Even though the document mentions self-signature verification and provides pinned metadata elsewhere, users are still being guided to run high-trust code from the network with access to sensitive credentials and config changes, which increases supply-chain and user-consent risk.

VirusTotal

64/64 vendors flagged this skill as clean.
