Cad Agent 1.0.0
Security checks across malware telemetry and agentic risk
Overview
This is a coherent CAD helper, but it needs review because it asks users to run an unpinned Docker service that accepts code over a published network port.
Before installing, review the external cad-agent repository and prefer a pinned commit or release. Run the service only on a trusted machine, bind or firewall port 8123 to localhost, avoid exposing it on shared networks, and stop or remove the detached container when finished.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
