Back to skill

Security audit

ia-md-docs

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation workflow that reads project files and updates markdown context/docs files in a disclosed, purpose-aligned way.

Before installing, understand that this skill is meant to edit project documentation and context files that agents may later read. Use --dry-run or review the planned changes when working in repositories with existing AGENTS.md or CLAUDE.md files, especially because it may create a CLAUDE.md symlink.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow directs the agent to write AGENTS.md and force-create a CLAUDE.md symlink using `ln -sf`, which can overwrite existing filesystem state without an explicit user-facing confirmation at the point of modification. In an agent context, this is risky because documentation files may already exist, symlinks can replace intended files, and the action is not clearly gated by informed consent beyond a narrow AGENTS.md existence check.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.