Security audit

Incident Responder

Security checks across malware telemetry and agentic risk

Overview

This incident-response skill is mostly purpose-aligned, but it includes powerful live containment and evidence-collection commands without enough enforced safeguards.

Install only if you are using it in an authorized incident-response environment. Treat its command blocks as operator playbooks, not safe automation: review every sudo command, confirm targets manually, capture hashes yourself, store evidence securely, and prepare rollback steps before firewall or account-containment actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (18)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The skill claims that all evidence is SHA-256 hashed on collection to preserve chain of custody, but the provided collection workflows do not actually compute or record hashes for the acquired artifacts. This creates a dangerous mismatch between operator expectations and actual forensic rigor, potentially undermining evidence integrity, incident decisions, and legal defensibility.

Intent-Code Divergence

Low
Confidence
94% confidence
Finding
The 'read-only by default' claim is inaccurate because normal evidence collection writes case files, creates directories, and stores outputs on the target filesystem. While this is expected operationally, the misleading claim can cause responders to underestimate system modification and forensic contamination risks.

Intent-Code Divergence

Medium
Confidence
99% confidence
Finding
The skill states that containment requires confirmation, but the provided functions execute disruptive actions immediately once called, including firewall changes, session termination, account locking, and full network quarantine. This discrepancy increases the chance of accidental self-inflicted outages or irreversible incident-response mistakes under pressure.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The ransomware playbook includes raw memory and disk acquisition with dd near operational guidance but without a strong local warning about performance impact, storage overwrite risk, legal/privacy implications, and the possibility of destabilizing a live system. In incident conditions, responders may run these commands hastily and damage evidence quality or business operations.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The packet capture command can collect sensitive traffic contents, credentials, and personal data, but the playbook does not pair it with an explicit privacy, scope, or authorization warning. In regulated environments this can create compliance exposure and unnecessary overcollection during active response.

External Transmission

Medium
Category
Data Exfiltration
Content
echo ""
echo "--- Known-Bad IP Check ---"
while IFS= read -r ip; do
  result=$(curl -s -X POST "http://localhost:8765/aynops/reputation" \
    -H "Content-Type: application/json" \
    -d "{\"ip\": \"$ip\"}" 2>/dev/null)
  score=$(echo "$result" | jq -r '.abuse_score // 0')
Confidence
87% confidence
Finding
curl -s -X POST "http://localhost:8765/aynops/reputation" \ -H "Content-Type: application/json" \ -d

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
# Capture memory
echo "--- Memory Dump ---"
if [ -f /dev/fmem ]; then
  sudo dd if=/dev/fmem of="$MEMDUMP" bs=1M 2>&1
  echo "Memory dump: $MEMDUMP"
else
  echo "  /dev/fmem not available — install fmem kernel module"
Confidence
92% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
echo "Memory dump: $MEMDUMP"
else
  echo "  /dev/fmem not available — install fmem kernel module"
  echo "  Alternative: sudo dd if=/dev/mem of=$MEMDUMP bs=1M"
fi

# If volatility is available, analyze
Confidence
89% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
block_ip() {
  IP="$1"
  echo "Blocking $IP at iptables..."
  sudo iptables -A INPUT -s "$IP" -j DROP
  sudo iptables -A OUTPUT -d "$IP" -j DROP
  echo "$IP blocked: $(date)" >> "$CASEDIR/blocked-ips.txt"
}
Confidence
97% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
  IP="$1"
  echo "Blocking $IP at iptables..."
  sudo iptables -A INPUT -s "$IP" -j DROP
  sudo iptables -A OUTPUT -d "$IP" -j DROP
  echo "$IP blocked: $(date)" >> "$CASEDIR/blocked-ips.txt"
}
Confidence
97% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
kill_connections_to_ip() {
  IP="$1"
  echo "Killing connections to $IP..."
  sudo ss -K dst "$IP"
  echo "Connections to $IP terminated: $(date)" >> "$CASEDIR/terminated-connections.txt"
}
Confidence
96% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
revoke_user() {
  USER="$1"
  echo "Revoking sessions for $USER..."
  sudo pkill -KILL -u "$USER"
  sudo passwd -l "$USER"
  echo "User $USER locked: $(date)" >> "$CASEDIR/locked-accounts.txt"
}
Confidence
97% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
  USER="$1"
  echo "Revoking sessions for $USER..."
  sudo pkill -KILL -u "$USER"
  sudo passwd -l "$USER"
  echo "User $USER locked: $(date)" >> "$CASEDIR/locked-accounts.txt"
}
Confidence
97% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
# Quarantine system
quarantine_system() {
  echo "Quarantining system — dropping all non-loopback traffic..."
  sudo iptables -P INPUT DROP
  sudo iptables -P FORWARD DROP
  sudo iptables -P OUTPUT DROP
  sudo iptables -A INPUT -i lo -j ACCEPT
Confidence
98% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
quarantine_system() {
  echo "Quarantining system — dropping all non-loopback traffic..."
  sudo iptables -P INPUT DROP
  sudo iptables -P FORWARD DROP
  sudo iptables -P OUTPUT DROP
  sudo iptables -A INPUT -i lo -j ACCEPT
  sudo iptables -A OUTPUT -o lo -j ACCEPT
Confidence
98% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
  echo "Quarantining system — dropping all non-loopback traffic..."
  sudo iptables -P INPUT DROP
  sudo iptables -P FORWARD DROP
  sudo iptables -P OUTPUT DROP
  sudo iptables -A INPUT -i lo -j ACCEPT
  sudo iptables -A OUTPUT -o lo -j ACCEPT
  echo "System quarantined: $(date)" >> "$CASEDIR/quarantine.txt"
Confidence
98% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
  sudo iptables -P INPUT DROP
  sudo iptables -P FORWARD DROP
  sudo iptables -P OUTPUT DROP
  sudo iptables -A INPUT -i lo -j ACCEPT
  sudo iptables -A OUTPUT -o lo -j ACCEPT
  echo "System quarantined: $(date)" >> "$CASEDIR/quarantine.txt"
}
Confidence
95% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
  sudo iptables -P FORWARD DROP
  sudo iptables -P OUTPUT DROP
  sudo iptables -A INPUT -i lo -j ACCEPT
  sudo iptables -A OUTPUT -o lo -j ACCEPT
  echo "System quarantined: $(date)" >> "$CASEDIR/quarantine.txt"
}
Confidence
95% confidence
Finding
sudo

VirusTotal

VirusTotal findings are pending for this skill version.

Static analysis

No suspicious patterns detected.