Roo Code

Security checks across malware telemetry and agentic risk

Overview

This is a coherent developer-tool guide for Roo Code with powerful but disclosed agent and MCP capabilities.

Install only if you intend to give a coding agent access to your workspace and selected external services. Use trusted MCP servers, scope tokens narrowly, avoid exposing high-privilege secrets, and review file changes and commands before allowing them to run.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly documents MCP integration with external tools and shows passing a GitHub token via environment variables, but it does not warn users that connecting such tools can expose repository data, credentials, or other sensitive context to the agent and external servers. In an AI coding agent context, this is more dangerous than a normal setup guide because the agent can autonomously invoke tools and act on connected resources, increasing the chance of unintended data access or misuse.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal