Log Anomaly Detector

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a low-risk log analysis helper that processes provided log text without hidden system access.

Install only if you want a simple log anomaly analysis helper. Be mindful that logs can contain secrets or personal data, so review or redact sensitive log lines before submitting them to any agent workflow. The publisher should narrow trigger phrases and make language behavior consistent, but no artifact-backed malicious or high-impact behavior was found.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger patterns are broad and generic, including common phrases like 'log analysis' and 'error detection' that could match many unrelated user requests. This can cause the skill to activate outside its intended scope, increasing the chance of unintended data processing or routing user input to the wrong capability.

Natural-Language Policy Violations

Low

Confidence: 75% confidence
Finding: The skill mixes Chinese and English in user-facing content without indicating language-selection behavior. This can lead to user confusion, misinterpretation of capabilities, or policy-compliance issues when the skill is invoked in a language the user did not choose.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal