Sop Bom Report

Security checks across malware telemetry and agentic risk

Overview

This is a local SOP/BOM Excel comparison skill whose file access and cleanup behavior are disclosed and aligned with generating reports.

Install only if you are comfortable with a local Python script reading the SOP/BOM spreadsheets you provide and writing an Excel report. Avoid running it with elevated privileges, review the cleanup commands before using them manually, and keep important reports outside the selected output directory if they match the 校对报告 .xlsx naming pattern.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documented cleanup commands perform irreversible wildcard deletion in system temporary directories without a clear warning about scope, review steps, or recovery limits. Users may run them blindly and delete unrelated files matching the prefixes, especially on shared systems or when temp paths are manipulated.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal