安装 ob1 openblocklabs 完成验证步骤

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward OB1 install and login guide with expected but sensitive setup steps.

Install only if you trust OpenBlockLabs and the installer URL at the time you run it. Treat the device code and ~/.ob1/ token as sensitive, avoid shared or untrusted machines for authentication, and use non-interactive '-y' runs only when you explicitly want OB1 to proceed with fewer prompts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: The skill instructs users to execute a network-fetched installer directly with `bash`, which prevents inspection of the script before execution and gives remote code full user-level execution on the host. In a coding-agent installation skill, this is especially dangerous because users are likely to copy-paste the command verbatim, and any compromise of the hosting domain, TLS termination, or install script would immediately become arbitrary code execution.

Missing User Warnings

Low

Confidence: 83% confidence
Finding: The authentication instructions note only after confirmation that an auth token is saved under `~/.ob1/`, but they do not clearly warn users in advance that persistent credentials will be stored locally. This can lead to unsafe use on shared, ephemeral, or production systems where local token storage increases the risk of credential exposure through weak file permissions, backups, or unintended account reuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal