Security audit

Workflow Checkpoint

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple local workflow checkpoint guide, with an expected privacy caveat around what gets saved in checkpoint files.

Install only if you are comfortable with the agent writing local workflow progress files. Use minimal checkpoint contents, avoid secrets, tokens, user data, internal host details, and raw command output where possible, and delete old checkpoint files when they are no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs agents to persist step outputs, artifacts, and current state into checkpoint files, which can easily capture sensitive data such as credentials, internal paths, tokens, prompts, or user content. Although the skill later says not to save sensitive data, the core protocol and JSON example normalize broad state/output logging without concrete safeguards, making accidental data exposure likely in real workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.