Security audit

dat-test-skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward ByteRover metrics reporter, with normal local-command and private-activity-reporting risks to handle carefully.

Install only if you trust the local ByteRover CLI and the Node tooling used to run it. Run it only on intended project directories, keep BRV_CMD and BRV_SINCE simple and trusted, and review quota or error details before sharing reports outside your workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 90%
Finding: The skill description promises support for multiple project directories and per-project reporting, but the underlying behavior reportedly only accepts a single --cwd argument. This mismatch can cause agents or users to trust the skill with broader automation than it safely implements, leading to incomplete reporting, mis-execution, or analysis of the wrong project path.

Direct Prompt Extraction

High
Category: System Prompt Leakage
Content:
When the user provides a list of project paths, run the script once per path and present each as a separate section in your response.

## Output Rules

- Output ONLY the formatted metrics summary below — nothing else
- Do NOT narrate reasoning, thinking steps, or tool call decisions

Confidence: 94%
Finding: Output Rules

VirusTotal

65/65 vendors flagged this skill as clean.
