Artifact Analysis

Security checks across malware telemetry and agentic risk

Overview

This skill is a local document-analysis helper that transparently reads selected project documents and writes cited reports to disk.

Install if you want a local, citation-backed document analysis workflow. Before running it on sensitive projects, choose a clear output directory and remember that findings and reports may retain verbatim document excerpts; avoid pointing it at private material you do not want persisted in analysis files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly writes plan/findings/report files to disk and, on refresh, archives prior contents automatically. While this appears operational rather than malicious, automatic filesystem writes and archival can create unintended data retention, overwrite surprises, or disclosure risks if callers do not clearly understand where sensitive document excerpts will be persisted.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal