Back to skill

Security audit

little-snitch

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent Little Snitch helper, but it can guide powerful firewall and traffic-log commands that users should approve deliberately.

Install only if you want an agent to help operate Little Snitch on macOS. Prefer read-only status and log commands first, and approve any sudo command, profile or rule-group change, preference write, restore, backup export, or traffic capture only when you specifically requested it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill documents traffic logging commands, including live streaming and historical queries, but does not explicitly warn that these outputs can reveal sensitive network metadata such as hostnames, connection timing, destinations, and process activity. In a security/firewall-management skill, that omission increases the chance that an agent or user will expose private operational data during troubleshooting without applying minimization or redaction.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The command list includes write-capable and restore-capable operations such as profile changes, rulegroup changes, write-preference, and restore-model, but it only notes that they require root rather than clearly warning that they can alter firewall behavior or overwrite existing configuration. That can lead an agent or user to run destructive or security-weakening commands without understanding they may disable protections, change enforcement, or replace prior settings.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.