Security audit

Process Monitor Dashboard

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local process monitor, with the main caution that its output can reveal running programs and usernames.

Safe to install for local system monitoring. Treat terminal or JSON output as potentially sensitive because it may show local users, running applications, service names, PIDs, and system layout; avoid sharing exports publicly, and install psutil from a trusted package source.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 83% confidence
Finding: This skill enumerates running processes and emits usernames, PIDs, process names, and resource usage to stdout/JSON without any consent prompt, masking, or sensitivity notice. In many environments, process metadata can reveal logged-in accounts, installed software, internal services, or operational details useful for reconnaissance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal