Raid Log Update

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a project-management drafting skill with disclosed RAID-log behavior and no executable code, persistence, or hidden data access.

Install this if you want structured RAID-log and status-report drafting. Before using outputs, review any automatically created linked issues or risks, sanitize sensitive HR/legal/regulatory details, and keep the draft review step with the PM and sponsor.

SkillSpector (1)

By NVIDIA

Intent-Code Divergence

Medium

Confidence: 92% confidence
Finding: The skill instructs the agent to 'automatically create a linked Issue (or Risk)' when an assumption is invalidated, which conflicts with the broader workflow rule to ask one question at a time when required information is missing and to avoid silent reclassification. This can cause the agent to create or transform governance records without explicit user confirmation, leading to inaccurate RAID state, unauthorized status changes, and misleading downstream RAG/status reporting.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal