Back to skill

Security audit

Agent Safety Monitor

Security checks across malware telemetry and agentic risk

Overview

The skill does not show theft or destructive behavior, but it overstates real-time safety enforcement and references missing components, so it should be reviewed before use.

Treat this version as a prototype offline log analyzer, not a complete guardrail system. Do not rely on it to actually pause or kill agents, enforce file/API/network access, run a dashboard, or handle wallets or sensitive credentials unless those capabilities are added in reviewed artifacts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Credential Access

High
Category
Privilege Escalation
Content
# Blocked target patterns
blocked_targets:
  - /etc/shadow
  - .env
  - private_key
  - password
Confidence
95% confidence
Finding
/etc/shadow

Credential Access

High
Category
Privilege Escalation
Content
# Blocked target patterns
blocked_targets:
  - /etc/shadow
  - .env
  - private_key
  - password
Confidence
60% confidence
Finding
.env

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.