Subdomain Takeover Checker
Security checks across malware telemetry and agentic risk
Overview
This skill is a straightforward, user-run subdomain takeover checker that only queries DNS and optionally checks HTTP status for domains the user supplies.
Install only if you intend to assess domains you own or are authorized to test. Expect DNS lookups and, unless using --passive, HTTP requests to the supplied domains. Ensure curl is available even though it is not listed in the declared requirements, and treat results as advisory because takeover checks can produce false positives.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.