Security audit

Cmdb Test

Security checks across malware telemetry and agentic risk

Overview

This skill is clearly for test-environment CMDB releases, but it can submit real release requests through a logged-in session without a required final user confirmation.

Install only if you intend to let an agent use your authenticated CMDB session to submit real test-environment release requests. Before using it, require the agent to pause and confirm the exact application, the release2 branch, the 香港-通用-测试 (Hong Kong - General - Test) environment, and the description before clicking the final confirmation button.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger examples are broad enough that a natural-language request like '对 xxx 应用进行测试发布' ("do a test release for application xxx") could activate this skill for many app names without strong scoping or confirmation. Because the skill performs a real deployment action in CMDB, ambiguous activation increases the risk of unintended release requests being submitted to a live test environment.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill describes directly submitting a release request after filling the form, but it does not require a clear user warning or an explicit approval immediately before the state-changing action. In deployment tooling, this is dangerous because a mistaken app match, stale page state, or misinterpreted request can cause an unauthorized or unintended release workflow to be triggered.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.