Security audit

Dataworks Smart Monitor

Security checks across malware telemetry and agentic risk

Overview

This DataWorks monitoring skill is coherent, but it handles cloud credentials and operational logs and can send reports to Feishu without strong scoping or confirmation controls.

Install only after confirming the DataWorks project scope, using a dedicated read-only access key, storing secrets outside source files, and approving the exact Feishu webhook or channel. Redact task logs, identifiers, SQL fragments, tokens, and internal URLs before LLM analysis or external posting, and enable cron or sub-agent runs only if recurring autonomous monitoring is intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The README encourages a pattern of embedding cloud access credentials directly in source code, even as placeholders, without any warning to use environment variables or a secret manager. In a monitoring skill that connects to DataWorks, this normalizes insecure secret handling and increases the chance that real credentials will later be committed, leaked, or reused unsafely.

Missing User Warnings

Medium
Confidence: 84%
Finding
The README shows how to send monitoring results to a Feishu webhook but does not warn that task names, failure reasons, or operational metadata may be transmitted to an external service. In this skill's context, the data being monitored is operationally sensitive, so encouraging outbound notifications without data-classification, minimization, or approval guidance can lead to unintended disclosure.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly instructs the agent to send detailed monitoring reports and alerts to Feishu after collecting task metadata and failure logs, but it does not require user consent, data minimization, or mandatory redaction before transmission. Because DataWorks error logs can contain sensitive operational details, SQL fragments, identifiers, or secrets, forwarding them to an external messaging platform creates a real data leakage risk.

VirusTotal

67/67 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.