Data Lineage Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent data-lineage helper with expected cautions around filesystem access and sensitive audit exports.

Install if you are comfortable allowing the agent to read user-selected project files and create lineage exports. Keep exports in approved locations and review them before sharing because they may reveal internal systems, owners, locations, and data-flow relationships; verify the 2.0.0/2.1.0 version mismatch if exact provenance matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 81% confidence
Finding: This markdown file includes a Quick Start step to export complete lineage data for audit use, and the implementation exports source names, locations, owners, entity relationships, and transformation history. The description does not provide any warning that the export may contain sensitive operational or user-identifying metadata, which is relevant for a skill centered on compliance and audit trails.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal