Back to skill

Security audit

Social Quality Auditor

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent social-media audit gate, but it relies on live remote reference files when installed standalone and automatically writes audit state into shared memory.

Install this only if you are comfortable with an auditor skill reading your social records and analytics exports, saving audit results into memory, and updating a shared cache. Prefer a full packaged install with local reference files, or verify/pin any fetched GitHub references before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The standalone-install fallback explicitly instructs the agent to fetch governing reference files from GitHub before scoring. That expands the skill's trust boundary from local, user-supplied artifacts to live remote content, creating a supply-chain and prompt-injection risk if the remote repository changes, is compromised, or returns unexpected content. In an auditor skill, this is especially sensitive because fetched instructions can influence verdicts and downstream writes.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The standalone-install fallback explicitly instructs the skill to retrieve remote reference files from GitHub before it can proceed. That expands the skill's effective trust boundary from local audit inputs to network-fetched content, creating supply-chain and prompt-injection risk if the remote content changes, is compromised, or is unavailable and substituted. In this context, the fetched files directly influence audit logic, so the risk is more significant than a harmless documentation link.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
## Save Results

Write the artifact to `memory/audits/social/YYYY-MM-DD-<topic>.md` with `class: auditor-output` in its frontmatter and the full §1 handoff schema (`status`, `objective`, `target`, `key_findings`, `evidence_summary`, `recommended_next_skill`, `cap_applied`, `raw_overall_score`, `final_overall_score`). The PostToolUse Artifact Gate validates anything under `memory/audits/`. Promote one veto marker and the verdict to `memory/hot-cache.md` without asking — the gate privilege. Registry-grade facts surfaced by the audit (a state contradiction, an expired permission) go to `memory/channels/candidates.md` for [channel-registry](../../../protocol/channel-registry/SKILL.md) to promote — this gate never writes `memory/channels/` records. Do not save to a bare `memory/` path — that bypasses the gate. `memory-management` later rolls these into the monthly `memory/audits/YYYY-MM.md` aggregate.

## Reference Materials
Confidence
84% confidence
Finding
without asking

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
## Save Results

Write the artifact to `memory/audits/social/YYYY-MM-DD-<topic>.md` with `class: auditor-output` in its frontmatter and the full §1 handoff schema (`status`, `objective`, `target`, `key_findings`, `evidence_summary`, `recommended_next_skill`, `cap_applied`, `raw_overall_score`, `final_overall_score`). The PostToolUse Artifact Gate validates anything under `memory/audits/`. Promote one veto marker and the verdict to `memory/hot-cache.md` without asking — the gate privilege. Registry-grade facts surfaced by the audit (a state contradiction, an expired permission) go to `memory/channels/candidates.md` for [channel-registry](../../../protocol/channel-registry/SKILL.md) to promote — this gate never writes `memory/channels/` records. Do not save to a bare `memory/` path — that bypasses the gate. `memory-management` later rolls these into the monthly `memory/audits/YYYY-MM.md` aggregate.

## Reference Materials
Confidence
84% confidence
Finding
without asking

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.