Shadow Traffic Tester

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent shadow-traffic testing guide, but users should handle production logs and Kubernetes changes carefully.

Before using this skill, confirm you are allowed to mirror production traffic and collect access logs. Prefer redacted or sampled logs, store any captured data in a restricted directory instead of shared /tmp paths, delete it after analysis, and review the Kubernetes manifests before applying them to a live cluster.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill instructs users to collect and store production and shadow access logs in /tmp and analyze them without any warning about sensitive data exposure. Access logs commonly contain URLs, query strings, identifiers, headers, tokens, IPs, and sometimes request/response content, so this can lead to unintended handling, retention, or disclosure of production data during testing.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal