Domain Authority Auditor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent SEO domain-audit skill with disclosed local memory persistence as its main privacy caveat.

Safe to install for domain authority audits. Before using it on confidential domains or penalty investigations, decide whether local memory retention is acceptable and ask the agent to avoid or clear memory/hot-cache.md if you do not want findings reused in future sessions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs auto-saving veto issues to persistent memory (`memory/hot-cache.md`) but only asks for consent for the broader report save afterward. That creates a data-retention/privacy risk because potentially sensitive domain, penalty, or trust-risk observations may be stored without explicit user awareness or opt-in.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal