Back to skill

Security audit

AuraBaba Platform

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent AuraBaba project-management integration, but it can act on authenticated project data too broadly and includes deletion capabilities without explicit guardrails.

Install only if you want this agent to coordinate work through AuraBaba. Use a dedicated, least-privilege token where possible, keep it out of chats and logs, and require explicit confirmation before deleting issues, labels, metadata, tokens, or calendar events.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation description is broad enough to trigger on many generic coordination requests, including cases where the user did not ask to use AuraBaba or to access an external project system. That increases the chance the agent invokes this skill unnecessarily and performs external actions or requests workspace/token setup in situations where a simpler, lower-risk response would suffice.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill states it applies even when the user does not mention the platform, but it does not define when the agent should refrain from using it. In context, this makes accidental invocation more likely, which is dangerous because the skill supports authenticated issue management and calendar mutations against a backend API.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
POST   /api/issues
GET    /api/issues/{id}
PUT    /api/issues/{id}
DELETE /api/issues/{id}
GET    /api/issues/{id}/comments
POST   /api/issues/{id}/comments
GET    /api/issues/{id}/timeline
Confidence
90% confidence
Finding
DELETE /api/issues/{id}

Tool Parameter Abuse

High
Category
Tool Misuse
Content
GET    /api/issues/{id}/attachments
GET    /api/issues/{id}/labels
POST   /api/issues/{id}/labels
DELETE /api/issues/{id}/labels/{labelId}
GET    /api/issues/{id}/metadata
PUT    /api/issues/{id}/metadata/{key}
DELETE /api/issues/{id}/metadata/{key}
Confidence
87% confidence
Finding
DELETE /api/issues/{id}/labels/{labelId}

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.