Security audit

SkillFlowChart

Security checks across malware telemetry and agentic risk

Overview

This skill is a flowchart generator with a local Python renderer; the flagged HaluCatch files are example diagrams, not hidden runtime behavior.

Install only if you want a local tool that converts skill workflow descriptions into HTML flowcharts. Review generated nodes before rendering and choose output paths deliberately, since the script writes files where directed. Treat bundled HaluCatch documents as examples, not as SkillFlowChart's runtime authority.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium, 91% confidence

The embedded flowchart describes active auditing and remediation behaviors such as generating repair plans and applying fixes to a target skill, which goes beyond the declared read-and-generate visualization scope. In an agent-skill ecosystem, mismatched documentation can socially engineer operators or downstream agents into granting broader trust and permissions than the manifest warrants, increasing the risk of unsafe execution paths.

Intent-Code Divergence

Medium, 96% confidence

The title and subtitle present this file as a different security auditing/remediation skill ('HaluCatch') rather than the declared flowchart generator. This identity mismatch can mislead users, reviewers, or automated systems about what the skill is and does, which is dangerous in security-sensitive agent environments where documentation often influences trust and invocation decisions.

Description-Behavior Mismatch

Medium, 94% confidence

The flowchart documents the skill as generating remediation plans, applying fixes, and modifying target skills, which exceeds the declared read-and-generate visualization scope. In agent ecosystems, documentation is often used as behavioral guidance; this mismatch can enable unauthorized write/actions or mislead reviewers and operators about what the skill is supposed to do.

Intent-Code Divergence

Medium, 92% confidence

The file is presented as this skill's execution decision flowchart, but it actually describes a different workflow for HaluCatch auditing and remediation. This kind of deceptive or mismatched operational documentation can confuse users, downstream agents, or policy engines, causing them to invoke the wrong process or assume the skill has capabilities and authority it should not have.

Missing User Warnings

Medium, 80% confidence

The flowchart explicitly depicts '应用修复 / AI 修改目标 Skill' (apply fix / AI modifies the target Skill) without any adjacent warning, approval gate, or review expectation. In an agent-skill context, normalizing autonomous code modification can lead users or downstream systems to apply generated fixes without adequate human review, creating integrity and supply-chain risk if incorrect or unsafe changes are introduced.

Missing User Warnings

Medium, 94% confidence

The flow explicitly includes '应用修复 / AI 修改目标 Skill' (apply fix / AI modifies the target Skill), which indicates automated modification of a target skill after generating a fix plan, but the diagram shows no explicit user confirmation, diff review, backup, or rollback checkpoint before changes are applied. In a skill that processes and edits skill files, this can lead to unauthorized or unsafe file modifications, especially if the AI misinterprets the target or produces destructive edits.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.