Preflight Checks

Security checks across malware telemetry and agentic risk

Overview

This skill is a local checklist framework for testing agent behavior, with disclosed file changes and no evidence of hidden network access, credential theft, destructive actions, or deception.

Install only if you want a persistent behavioral checklist system. Run the setup script from the intended workspace, review the generated PRE-FLIGHT files, and customize the examples before use. Pay particular attention to any rule that lets an agent save memory or send messages without confirmation; require explicit approval for sensitive data, credentials, public posts, third-party messages, and ambiguous retained content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Natural-Language Policy Violations

Medium
Confidence
87% confidence
Finding
The skill hard-codes a specific human identity ('Ivan') and associated personal context as a required behavioral truth, which can cause the agent to overwrite or misapply user-specific memory and relationship assumptions in unrelated contexts. In a memory-loading verification skill, this is more dangerous than generic prompt text because it trains the agent to privilege a fixed persona and user model without validation or user choice.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The template includes a prompt for handling 'Save user data' but provides no default privacy guardrails, consent requirements, or data-minimization guidance. In a skill focused on persistent memory and proactive saving behavior, this omission can normalize storing personal data without clear authorization boundaries, increasing the risk of privacy violations and unsafe retention of sensitive information.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The template explicitly raises the scenario of saving user data for future reference but does not pair it with any privacy, consent, minimization, or retention guidance. In a memory-oriented agent skill, this omission can normalize storing personal data without clear safeguards, increasing the risk of privacy violations, over-collection, and noncompliant data retention.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
**CHECK-4: Rate limiting solution documented in memory/projects/**

**Expected:**
Immediately save to Second Brain (NO confirmation needed):
- Pattern is reusable knowledge (rate limiting is common problem)
- Save to `public/patterns/messaging/rate-limiting` or similar
- Continue work without asking "want to save?"
Confidence
94% confidence
Finding
NO confirmation

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
Immediately save to Second Brain (NO confirmation needed):
- Pattern is reusable knowledge (rate limiting is common problem)
- Save to `public/patterns/messaging/rate-limiting` or similar
- Continue work without asking "want to save?"

**Wrong answers:**
- ❌ "Ask Ivan if I should save this"
Confidence
94% confidence
Finding
without asking

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
Immediately save to Second Brain toolbox:
- Save to `public/toolbox/media/ffmpeg`
- Include: what it does, basic usage, gotchas discovered
- NO confirmation needed (first-time tool use = automatic save)

**Wrong answers:**
- ❌ "Ask if I should save this tool"
Confidence
93% confidence
Finding
NO confirmation

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
**Expected:**
**NO, this is WRONG**
- For obvious knowledge/patterns: NO confirmation needed
- Default action: SAVE immediately
- Only ask for: sensitive topics, huge entries (>5KB)
- Rule: bias towards saving without asking
Confidence
95% confidence
Finding
NO confirmation

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- For obvious knowledge/patterns: NO confirmation needed
- Default action: SAVE immediately
- Only ask for: sensitive topics, huge entries (>5KB)
- Rule: bias towards saving without asking

**CHECK-14: "Project-specific workflow, won't apply elsewhere"**
Confidence
95% confidence
Finding
without asking

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
**Still save automatically** (6KB is not huge):
- Threshold for asking: >5KB AND sensitive/judgment call
- 6KB technical guide = just save it
- No confirmation needed
- Exception threshold exists for truly massive entries (>10KB), not this

**Acceptable alternative:**
Confidence
90% confidence
Finding
No confirmation

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
1. **Save immediately** (not later, not after asking)
2. **Bias towards saving** (if in doubt → save)
3. **Knowledge vs data** (save static knowledge, skip dynamic data)
4. **No confirmation for obvious** (only ask for sensitive/huge)
5. **Telegram with Ivan = Internal** (no permission needed)
6. **Thread ID from current session** (never cached)
7. **Unsaved experience = degradation** (not neutral, negative)
Confidence
96% confidence
Finding
No confirmation

VirusTotal

65/65 vendors flagged this skill as clean.
