Back to skill

Security audit

Zero Trust

Security checks across malware telemetry and agentic risk

Overview

This appears to be a defensive security guardrail skill, with some usability and authorization caveats but no evidence of hidden execution, data theft, or destructive behavior.

Install this only if you want a conservative safety layer that may ask for approval frequently. Before relying on it in a shared or non-Pat environment, update the approval authority language so it refers to the current authorized user or designated approver.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation description is extremely broad and could cause this skill to trigger on a large fraction of normal agent activity, including routine web access, installs, messaging, and any action with external effects. Over-broad activation can create policy conflicts, denial-of-service-like friction, or unintended control over workflows, especially if multiple skills compete or if the skill blocks normal execution paths.

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The skill hard-codes trust and approval authority to a specific person ('Pat'), which can misalign authorization decisions with the actual user or operator of the agent. This creates a confused-deputy risk where the agent may refuse legitimate instructions from the current user or improperly anchor approval logic to an identity that is not verified in context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.