A2ap

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed agent-to-agent networking reference implementation, with no hidden persistence, exfiltration, or destructive behavior found.

Install only if you want a Python reference implementation for agent-to-agent networking. Keep it on localhost or trusted networks, do not expose registered capabilities to untrusted peers, and do not rely on the advertised HMAC/trust controls as complete authentication without reviewing or strengthening the code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill explicitly instructs users to start a network service, perform UDP-based discovery, and invoke remote agent capabilities, but it does not warn about exposing services on the network, trusting discovered peers, or the risk of executing remote interactions against untrusted agents. In a skill whose core purpose is agent-to-agent communication, omission of operational safety guidance materially increases the chance of unsafe deployment, lateral movement opportunities, or accidental interaction with malicious local-network peers.

VirusTotal

65/65 vendors flagged this skill as clean.
