Back to skill

Security audit

Ship Paid App

Security checks across malware telemetry and agentic risk

Overview

This skill is a plainly disclosed SettleMesh deployment helper, but users should only invoke it when they actually want a public, metered deployment.

Install this only if you want Codex to deploy projects through SettleMesh. Before use, be comfortable with uploading source code to SettleMesh, creating a public run.settlemesh.io URL, using a cached SettleMesh session or API key, and incurring metered billing after confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill description is extremely broad and can match many ordinary requests about building, launching, or adding auth/database support, causing the agent to invoke a deployment workflow in situations where the user did not clearly ask to publish code or incur external side effects. In this skill's context, that broad trigger is more dangerous because the skill performs networked authenticated actions, can create public URLs, and may lead to billable operations or exposure of unfinished/private applications.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.