Aegis Shield

Security checks across malware telemetry and agentic risk

Overview

Aegis Shield is a coherent local security helper, but users should review it because it can persist raw flagged text and depends on an unbundled local scanner module.

Review before installing. Use it only if you trust the local scanner module at the hard-coded path, and do not feed secrets or sensitive content through it unless you are comfortable with quarantined raw text being written to persistent memory files and have a cleanup process for those files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The script appends untrusted input directly into persistent memory or quarantine files with no interactive confirmation, provenance hardening, or content-safe encoding beyond truncation/whitespace cleanup. In this skill's context, that is meaningful because the tool is specifically intended to protect memory from prompt-injection and data-exfiltration content, yet it still persists attacker-controlled text, including full original text in quarantine, which can poison later workflows or preserve sensitive content for future retrieval.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal