Back to skill

Security audit

灵光爸爸(AuraBaba)Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned with AuraBaba project coordination, but it can broadly activate and perform real issue, metadata, label, and calendar changes without clear confirmation guardrails.

Install only if you intend this agent to coordinate real AuraBaba workspace data. Use a dedicated least-privilege token, verify the workspace slug, and require the agent to summarize and get approval before creating, updating, assigning, or deleting issues, labels, metadata, comments, or calendar events.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly promotes automatic delegation, task splitting, and parallel execution across multiple external agents, but it does not prominently warn that those agents may perform impactful actions on user projects, codebases, infrastructure, calendars, or other connected systems. In this context, missing safety guidance increases the likelihood that users will authorize broad autonomous actions without understanding the blast radius, leading to unintended changes, data exposure, or destructive operations.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger description is intentionally broad enough to capture many generic coordination requests, including cases where the user does not explicitly ask to use AuraBaba. That creates a risk of unexpected activation and unintended external actions against a project-management system, especially because the skill supports write operations.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The instruction that the skill applies even when AuraBaba is not mentioned makes activation ambiguous and increases the chance the agent routes ordinary planning or brainstorming requests into a live external system. In this context, ambiguous routing is more dangerous because the skill can modify issues, assignments, comments, metadata, and calendar events.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill documents create, update, and delete endpoints for issues and related objects without an explicit user-facing safety gate. That can lead an agent to perform destructive or state-changing operations on user data without sufficiently explicit consent or confirmation.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
Calendar event creation, update, and deletion can directly affect schedules, meetings, and deadlines, but the skill does not warn that these actions are user-impacting mutations. In a coordination tool, silent scheduling changes can cause real operational disruption even if no data is exfiltrated.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
POST   /api/issues
GET    /api/issues/{id}
PUT    /api/issues/{id}
DELETE /api/issues/{id}
GET    /api/issues/{id}/comments
POST   /api/issues/{id}/comments
GET    /api/issues/{id}/timeline
Confidence
93% confidence
Finding
DELETE /api/issues/{id}

Tool Parameter Abuse

High
Category
Tool Misuse
Content
GET    /api/issues/{id}/attachments
GET    /api/issues/{id}/labels
POST   /api/issues/{id}/labels
DELETE /api/issues/{id}/labels/{labelId}
GET    /api/issues/{id}/metadata
PUT    /api/issues/{id}/metadata/{key}
DELETE /api/issues/{id}/metadata/{key}
Confidence
90% confidence
Finding
DELETE /api/issues/{id}/labels/{labelId}

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.