Key Vault Auditor
Security checks across malware telemetry and agentic risk
Overview
This is a read-only Azure Key Vault audit guide that asks users to provide exported configuration data and explicitly warns against sharing secrets.
Install only if you are comfortable sharing Azure Key Vault configuration and access metadata with the agent. Run any Azure CLI commands yourself using read-only permissions, and remove secret values, tokens, connection strings, and unrelated confidential data before pasting outputs.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.