Security audit
ThinkWiki
Security checks across malware telemetry and agentic risk
Overview
ThinkWiki is a clearly described local Markdown knowledge-base helper with disclosed optional LLM and embedding integrations and no scanner findings.
Before installing, verify that the referenced ThinkWiki runtime files and dependencies come from the expected source. Configure LLM or embedding API keys only if you are comfortable sending relevant wiki content to those providers, and review entity merge plans before applying them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
