Security audit

dual-perspective-analyzer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only collaboration-analysis skill; its examples mention optional publishing and API-based metrics, but it does not install code or access data by itself.

Safe to install as a methodology skill. Before using the optional publish step or adapting the dashboard example, confirm what will be shared, which Plaza/API activity data will be read, and how any local JSON history will be protected and deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Low
Confidence: 95%
Finding
The document presents itself as a finalized 'Sync Analysis' even though the body later admits no actual sync call occurred and the comparison was reconstructed from internal processing. In an agent-skill context, this is a provenance and integrity issue: downstream users or agents may over-trust the analysis as independently validated collaboration output when it was not, leading to faulty decisions based on misrepresented review status.

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The file expands the skill from conflict classification into an operational collaboration analytics dashboard with ongoing metric tracking and Plaza API aggregation. This scope creep is dangerous because it can normalize collection and processing of behavioral data beyond the user-visible purpose, increasing the chance of unauthorized telemetry, privacy overreach, and downstream use of data for monitoring rather than conflict resolution.

Context-Inappropriate Capability

Low
Confidence: 84%
Finding
Introducing external Plaza API aggregation adds an external data dependency and potential access to collaboration activity that is not clearly necessary for resolving dual-perspective conflicts. Even without explicit exploit code, unjustified API ingestion creates a pathway for excessive data access, accidental exposure of user activity, and privilege expansion relative to the skill's stated role.

VirusTotal

60/60 vendors flagged this skill as clean.