Knowledge Graph - Schema Migration Diff

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent schema-migration helper, but users should review generated migration scripts carefully before running them on real graph databases.

Install is reasonable for schema migration planning. Before using any generated Cypher, SPARQL, or Python migration against production data, run it in staging, keep backups, validate copied fields before removing old ones, and prepare a rollback path.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The example migration explicitly removes `s.name` after copying it to `s.full_name`, but the surrounding example does not include an explicit warning that this is a destructive step with potential data-loss consequences if the copy was incomplete, incorrect, or if dependent queries still rely on the old property. In a skill that generates migration plans and scripts, users may copy examples directly into production workflows, so omission of a clear warning and verification/rollback guidance materially increases the chance of accidental schema-breaking changes.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal