Security audit

New Agent Onboarding

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only agent onboarding/training skill, but it teaches agents to maintain local memory and user-profile files.

Install this only if you want agents to follow a local training manual that reads and updates memory/profile files. Before using it for sub-agents, confirm which agent folders may be changed and whether USER.md should be copied, because that can duplicate private user context across local agent workspaces.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill is framed as a training/manual document, but it instructs the agent to create, copy, and update operational state files for other agents such as IDENTITY.md, SOUL.md, MEMORY.md, HEARTBEAT.md, and USER.md. This creates a capability mismatch: a user or orchestrator invoking what appears to be documentation can trigger persistent cross-agent state changes, which increases the risk of unauthorized configuration drift, privacy leakage, and covert prompt-state manipulation.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.