auth-md-signup
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed auth signup helper that handles email OTPs and scoped service tokens with explicit user consent.
Install only if you want your agent to create auth.md accounts on your behalf. Expect it to ask for your email and OTP, and use persistent token storage only if you are comfortable keeping scoped service tokens in the configured JSON file.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.