Infra Monitoring

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only infrastructure monitoring skill that is clear about checking user-provided server metrics and endpoints.

Install this if you want help interpreting server metrics or checking endpoints you control. Only provide domains, IPs, logs, and infrastructure details you are authorized to test, and avoid pasting secrets, private keys, API tokens, or sensitive user data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 79% confidence
Finding: The test prompt instructs the skill to check live endpoints and SSL certificates but does not mention that doing so may involve outbound network access to user-supplied domains. In an agent setting, that can create SSRF-like risk, unexpected external requests, or privacy issues if users do not realize the skill may contact arbitrary hosts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal