Back to skill

Security audit

Entity Registry

Security checks across malware telemetry and agentic risk

Overview

This is mostly a controlled entity-registry audit skill; some references drift into SEO/GEO advice, but there is no hidden, automatic, or destructive behavior.

Install this if you want structured help auditing and maintaining canonical entity identity records. Treat the SEO/GEO and content recommendations in the references as advisory handoff material, and do not let the skill directly edit public pages, profiles, backlinks, or brand messaging unless the user separately authorizes that work through the appropriate specialized skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
This checklist extends the skill into AI-citation readiness and page/content optimization, which the manifest explicitly says should be handled by a different skill. That scope drift can cause an agent to take actions outside its approved boundary, increasing the chance of misrouting tasks, applying the wrong controls, or making unauthorized content changes.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The file includes broader content authority, PR, and marketing-style tasks that are not part of the declared entity-registry purpose. In an agent setting, these extra instructions can lead to overbroad execution and unintended modifications beyond identity reconciliation or knowledge graph maintenance.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
Backlink-profile and anchor-text optimization are SEO growth tactics, not machine-facing entity registry operations. Including them here weakens separation of responsibilities and may cause an agent to pursue external promotion strategies under the guise of registry maintenance.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The document directly contradicts the manifest by labeling AI-specific signals as 'Must-Have for GEO' inside a skill whose metadata says GEO belongs elsewhere. Contradictory routing guidance is dangerous because agents may prioritize the in-file instructions over the manifest and execute the wrong workflow, defeating policy boundaries between skills.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
This section extends the skill into page-level AI-citation readiness and broader GEO optimization, which the skill metadata explicitly says should be handled by a different skill. That scope drift can cause an agent to take actions outside its intended trust boundary, leading to incorrect tool selection, over-broad changes, or unsafe automation against content areas this skill was not meant to manage.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The documentation includes human-facing content authority and SEO-style growth work beyond entity identity reconciliation and registry maintenance. In an agent setting, this broadens the operational scope from controlled knowledge-graph maintenance into reputation, PR, and editorial strategy tasks, increasing the chance of unauthorized or misleading changes.

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
This section expands beyond machine-facing entity registry maintenance into page-level AI-citation and content optimization tactics such as shaping About-page copy, SEO for branded queries, and broader mention-building. That scope creep can cause an agent invoking this skill to modify or recommend changes outside its declared boundaries, increasing the chance of unauthorized or misrouted actions across adjacent content and brand-governance workflows.

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
The guide instructs updating human-facing About pages and profiles, which conflicts with the skill manifest's explicit exclusion of human-facing brand canon work. In an agent setting, this can lead to boundary violations where the skill influences public-facing messaging or profile content without routing through the intended brand/narrative controls, creating governance and integrity risks.

Description-Behavior Mismatch

Medium
Confidence
83% confidence
Finding
This section introduces page-level AI-citation/GEO tactics such as quotable About-page copy, SEO for branded queries, and content association building, which exceeds the skill's declared machine-facing entity-registry scope. In an agent setting, scope drift is risky because it can cause the skill to recommend or perform broader content/SEO actions than intended, bypassing routing to the correct specialized skill and undermining separation of responsibilities.

Description-Behavior Mismatch

Medium
Confidence
76% confidence
Finding
The guide covers broad knowledge-panel optimization and profile/content updating across Google, Bing, About pages, social profiles, and authoritative mentions, not just canonical entity-registry maintenance. While not overtly malicious, this broad operational guidance can prompt an agent to take actions outside its approved scope, increasing the chance of improper edits, misrouting, or conflation of registry management with public-facing reputation/content work.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.