Volcengine Observability Cls

Security checks across malware telemetry and agentic risk

Overview

This is a small instruction-only Volcengine CLS log-analysis skill with no executable code, persistence, or hidden behavior found.

Safe to install as a CLS troubleshooting guide. Use it with appropriately scoped, preferably read-only Volcengine access, and avoid sending logs containing secrets or sensitive user data unless that is intended for the investigation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The default prompt says to use the skill to "analyze these logs and summarize findings," but it does not define specific trigger phrases, scope limits, or exclusion conditions. In a manifest file, this kind of generic observability wording can overlap with common log-analysis requests and makes it unclear when the skill should activate versus when a general assistant response would be more appropriate.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal