Systemd

Security checks across malware telemetry and agentic risk

Overview

This skill does not appear to steal data or change your system, but its systemd guidance is mostly generic placeholder text and could mislead users expecting real systemd help.

Review this before installing if you need reliable systemd guidance. It appears safe from a data-access and persistence perspective, but treat its output as generic placeholder advice and verify any real operational steps against trusted systemd documentation before using it on production systems.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The script presents itself as a systemd reference tool, but nearly all emitted content is generic placeholder documentation unrelated to systemd. In an operational context, misleading or fabricated technical guidance can cause administrators or agents to make incorrect changes, creating reliability and security risks through misinformation rather than direct code execution.

Intent-Code Divergence

Medium

Confidence: 94% confidence
Finding: The tool's headings and documentation imply authoritative systemd guidance, yet the content includes broad generic advice and unrelated topics such as migration and networking. This mismatch increases the chance that users will trust incorrect instructions in sysops workflows, potentially leading to unsafe service management decisions or misconfiguration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal