Vmware Storage
Security checks across malware telemetry and agentic risk
Overview
This skill is a clearly disclosed VMware storage management helper with expected access to vSphere storage APIs and credentials, and the risky operations are documented as scoped, auditable, and user-controlled.
Install only if you intend to let an agent manage VMware storage. Use a least-privilege vSphere account, keep ~/.vmware-storage/.env at chmod 600, review dry-runs before write operations, and be aware that iSCSI target changes can affect host storage availability even though the skill documents confirmations and audit logging.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.