Security audit

self-healing

Security checks across malware telemetry and agentic risk

Overview

The skill appears safe to install, but users should treat its watchdog and checkpoint steps as explicit local side effects that need cleanup.

Install only if you are comfortable with the skill creating local checkpoint/proof artifacts and with any watchdog being explicitly scheduled by you. Before use, confirm where files are written, how to remove the recurring job, and avoid leaving the watchdog enabled after the workflow is complete.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README explicitly instructs users to schedule a recurring watchdog and create checkpoint/proof files, which are system-modifying behaviors, but it does not clearly warn that the skill may persist files in /tmp and install or leave behind recurring jobs. In an agent-skill context, that omission is security-relevant because operators may invoke the skill expecting advisory behavior, while it can cause persistence-like background execution and filesystem side effects.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.