Back to skill

Security audit

Agentpmt Audit Logs

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed, read-only AgentPMT audit-log helper, though users should remember it can expose sensitive chat and tool-call history.

Install only if you want agents to read AgentPMT audit history. Prefer current_agent_group scope, avoid all_authorized_agent_groups unless needed, and treat returned transcripts and tool-call logs as potentially sensitive because they may include private user content or operational details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill advertises broad natural-language triggers such as summarizing weekly agent activity and reviewing past conversations, which can cause unintentional activation in contexts where a user did not explicitly intend to query audit logs. Because this skill exposes account activity history and chat/tool-call records, accidental invocation can lead to unnecessary access or disclosure of sensitive operational metadata.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The top-level description is very broad and repeatedly frames the skill as a general way to inspect past agent activity without stating clear limits on when it should not be used. In a skill-selection system, this increases the chance that the audit-log tool is chosen for loosely related requests, exposing transcripts, workflow history, or tool-call records beyond the user's actual need.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The schema exposes actions that retrieve chat transcripts, correlated tool calls, workflow runs, and cross-agent-group audit data, but it does not prominently warn that these outputs may contain sensitive user content, credentials, internal identifiers, or operational metadata. In an audit-log skill, lack of explicit privacy and data-handling guidance increases the chance that downstream agents or users will over-collect, broadly scope, or improperly summarize sensitive data across authorized groups.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.