Governance Inheritance

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it needs review because it creates persistent governance policies while its deny/allow inheritance rules are internally inconsistent.

Review this skill before installing it as an enforcement dependency. Back up any existing GOVERNANCE_ROOT directory before running the initializer, test policy resolution on sample parent-deny/child-allow cases, and do not treat it as a reliable security boundary until the precedence rules are clarified and covered by tests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The documentation states that 'deny always wins' and that evaluation is ordered by rule position, but the pseudocode instead sorts all rules globally by specificity and returns on the first match. In a governance system, this can let a more specific child allow override a broader parent deny, undermining security boundaries and causing policy authors to believe protections exist when the implementation would permit blocked actions.

VirusTotal

66/66 vendors flagged this skill as clean.
