Hook Examples

Security checks across malware telemetry and agentic risk

Overview

This is an examples-only hook guide with one privacy-risky logging snippet, but it does not install or run code by itself.

Safe to install as reference material. Do not copy the audit logging example into a real plugin unchanged; redact secrets and personal data, avoid stable session identifiers unless needed, and protect any logs you create.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The audit-log example captures and emits full tool parameters and a session identifier, which can expose secrets, personal data, prompts, tokens, file paths, or other sensitive operational context to logs. In a hook framework that intercepts arbitrary tool calls, this is more dangerous because the logged parameters may include high-sensitivity inputs from many different tools, and the markdown presents the pattern without any warning, redaction, or retention guidance.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal