tinman
agent-tinman · v0.6.3 · by oliveskin
63.8
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 70.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 40.0 | 15% |
| Clickfix | 65.0 | 15% |
| Credential | 20.0 | 15% |
| Twostage | 100.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 70
[HIGH] Prompt injection or system override attempt
(line 269)
**Evidence:** "Ignore previous instructions and..."
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 40
[CRITICAL] Classic prompt injection: ignore previous instructions
(line 269)
**Evidence:** "Ignore previous instructions and..."
[HIGH] Content contains alarming words not in description: override
CLICKFIX — Score: 65
[CRITICAL] Instructs user to disable security features
(line 111)
Add patterns to the allowlist (bypass security checks for trusted items).
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 100
No findings.
CREDENTIAL — Score: 20
[CRITICAL] SSH key file access or exfiltration
(line 72)
/tinman check bash "cat ~/.ssh/id_rsa" # Returns: BLOCKED (S4)
[CRITICAL] SSH key file access or exfiltration
(line 262)
**Evidence:** `bash(cmd="cat ~/.ssh/id_rsa")`
TYPOSQUAT — Score: 100
No findings.