DCL Provenance Tracker — Supply Chain & Version Drift Verifier

Security checks across malware telemetry and agentic risk

Overview

This is a local, instruction-only checklist for comparing skill versions, with no executable code or hidden data movement found.

Reasonable to install as a local review aid. Paste only the skill versions you intend to compare, treat any candidate skill text as untrusted evidence, and treat PASS/WARN/BLOCK plus the DCL fingerprint as advisory. Do not enable any separate audit-chain commit unless you are comfortable publishing the listed hashes and verdict metadata externally.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The skill repeatedly claims to be instruction-only and local-only, but later includes an integration path to commit provenance proofs to an external audit chain. Even though described as optional and caller-performed, this contradicts the privacy and locality guarantees and can mislead operators into enabling outbound data flows they did not expect.

Intent-Code Divergence

Medium

Confidence: 97% confidence
Finding: The documentation asserts that no data leaves the agent and no external calls are made, yet later describes committing a generated proof to an external audit chain. This kind of contradictory security documentation is dangerous because users may trust a local-only guarantee while adopting a workflow that transmits metadata or hashes externally.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal