Open Dynamic Workflows

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for a local workflow daemon, with sensitive capabilities that fit its stated multi-agent orchestration purpose.

Install only if you trust the external Open Dynamic Workflows daemon repository and are comfortable giving it access to model-provider credentials and your project directory. Review the daemon approval settings before execution, especially for file writes, shell commands, git operations, cost limits, and long-running background workflows.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 94% confidence
Finding: The skill declares required environment variables and invokes a local daemon bridge that connects to a local HTTP API, but it does not declare corresponding permissions for environment access or network communication. This creates a capability mismatch where the skill can access sensitive credentials and perform networked orchestration without transparent permission signaling to the host, increasing the risk of unauthorized secret exposure or external communication.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal