Knowledge Graph - Multi Hop Reasoning Query Builder

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent graph-query helper; it does not install dependencies, access credentials, run network calls, or persist anything, but users should be careful with its sensitive-data examples.

Install only if you need help drafting graph traversal queries. Review generated queries before running them on real databases, especially in healthcare, finance, fraud, or account datasets, and add your own authorization checks, masking, limits, and audit controls for sensitive data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The healthcare example models and returns highly sensitive patient-related fields, including last_location and the full contact_chain, without any warning about privacy, access controls, de-identification, or regulatory constraints. In a query-building skill, this can normalize generating queries that expose protected health and movement data, increasing the risk of privacy violations or misuse in real deployments.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal