VeriGlow Agent Map

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only lookup skill for web data-extraction maps, with disclosed but user-controlled network and proxy considerations.

Before installing, treat this as a helper for discovering and using external website data-access recipes. Avoid submitting sensitive internal URLs, secret query strings, or customer-specific pages to VeriGlow unless you are comfortable sharing them. Review any returned curl commands, hidden API calls, browser automation steps, and proxy suggestions before use, and make sure you are authorized to access the target site and comply with its terms and rate limits.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly recommends using a CN-based proxy to bypass geographic blocking, but it does not warn about privacy exposure, policy/legal constraints, or the trust risks of routing sensitive traffic through a third-party network. In an agent context, this can cause operators to unknowingly send requests, credentials, or target URLs through untrusted infrastructure, increasing the chance of data leakage or policy violations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal