Back to skill

Security audit

Advocacy Program Designer

Security checks across malware telemetry and agentic risk

Overview

This is a planning-only advocacy workflow that discloses its limited memory writes and does not automate posting, messaging, or engagement.

Install only if you are comfortable with the skill storing limited employee or advocate roster candidate details in local memory after confirmation. Review the generated roster rows before saving, and use channel-registry for any promotion into the canonical advocate roster.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The skill defines contradictory write-authority rules for the sensitive `memory/channels/` namespace: it says `channel-registry` is the sole writer, but also authorizes this skill to write `memory/channels/candidates.md`. In an agent system, ambiguous authority boundaries can bypass intended review or promotion controls, causing unauthorized or inconsistent registry updates and weakening trust in provenance for advocacy roster data.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
This repeats the same policy conflict later in the file, increasing the chance that an agent will choose the more permissive interpretation and write into a protected area. When a skill handles employee/advocate identity-related records, even minimal-person-data candidate writes should follow unambiguous authority and promotion rules to prevent accidental corruption, duplication, or policy bypass.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.