Soc2 Evidence Collector

Security checks across malware telemetry and agentic risk

Overview

This SOC2 audit helper is purpose-aligned and disclosed, but its generated scripts can collect sensitive security evidence that users must handle carefully.

Install this only if you want an agent to help prepare SOC2 evidence. Before running any generated script, review each command, use least-privilege read-only credentials, restrict collection to approved accounts and audit periods, protect the local evidence directory, and redact sensitive values before sharing with auditors.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: This skill explicitly generates automation that enumerates IAM users, credential reports, MFA devices, security groups, CloudTrail configuration, repository protections, and deployment metadata, then writes the results to local evidence directories. Although it later says to review and redact before sharing, it does not prominently warn at the outset that the generated scripts may collect sensitive security configuration and identity data, increasing the risk of overcollection, local exposure, or improper auditor sharing.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal