Back to skill

Security audit

VDA6.5产品审核技能

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only automotive product audit guide with one confidentiality caution users should keep in mind when taking audit photos.

Before installing or using this skill, make sure audit photos and records follow your site, customer, and data-classification rules; avoid capturing unnecessary background details, restricted areas, personal data, or proprietary identifiers, and store evidence only in approved access-controlled systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill explicitly instructs users to photograph nonconformities during on-site audits but does not warn about protecting sensitive product, production, facility, or customer information that may appear in those images. In automotive and manufacturing environments, such photos can capture proprietary designs, traceability labels, operator data, or controlled areas, creating confidentiality and compliance exposure if stored or shared insecurely.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.