Bitwarden Bw

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Bitwarden CLI helper, but it tells users to persist a vault session token in a shell startup file.

Review before installing. Use only temporary Bitwarden sessions, avoid saving BW_SESSION in shell startup files, unset it after use, and ask the agent to reveal only the specific secret needed while considering terminal, chat, and tool logs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill explicitly instructs users to keep the Bitwarden session token in the BW_SESSION environment variable and states it is persisted in ~/.zshrc. A persistent shell startup file is an unsafe place for a sensitive session token because it can be exposed through local file access, backups, shell history/workflow mistakes, or other processes that inherit the environment, enabling unauthorized vault access while the session remains valid.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal