Gate Audit

Security checks across malware telemetry and agentic risk

Overview

This is a checklist-style audit skill for user-provided modeling results, with no code execution or data access; the main caveat is that most instructions are in Chinese.

Install only if Chinese-language audit instructions are acceptable for your workflow, or ensure reviewers can translate and verify the Go/Hold/Kill criteria. From an agentic-security perspective, this is an instruction-only skill and does not appear to access systems or modify data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The skill content is written entirely in Chinese and does not provide a mechanism to honor the user's language preference. In an audit workflow, this can cause operators to misunderstand gate criteria or outputs, increasing the risk of incorrect Go/Hold/Kill decisions and failed review handoffs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal