.Terminal Command Execution.Disabled.20260401 113328

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed terminal-command helper with safety guidance, and the scanner alert is based on warning text rather than dangerous behavior.

Install this only if you want the agent to help with local terminal work. Review commands before state-changing operations, be cautious with installs or service changes, and use a trusted workspace or sandbox for risky command-line tasks.

SkillSpector

By NVIDIA

Vulnerability Patterns

Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tool Parameter Abuse

High

Category: Tool Misuse
Content: - Include exact next command only when additional user action is required. ## Safety Rules - Avoid destructive commands by default (`rm -rf`, force resets, broad chmod/chown) unless explicitly requested. - Never assume network, permissions, or package managers are available; test first. - Prefer scoped operations (specific files/paths/services) over global changes. - Keep secrets out of command output and logs.
Confidence: 85% confidence
Finding: rm -rf`, force resets, broad chmod/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal