Data Quality Audit

Security checks across malware telemetry and agentic risk

Overview

This skill performs a disclosed financial data audit and creates audit output files in the user-selected deliverable directory.

Install this only if you want an agent to audit financial deliverables by reading the selected deliverable directory and making external data-source lookups. Before running it, confirm the target path and check whether audit-report.md or audit-raw.json already exist, because the workflow writes those audit files in that directory.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 80% confidence
Finding: The skill writes audit-report.md and audit-raw.json into the deliverable directory but does not explicitly warn about filesystem modification or require confirmation. In practice this can overwrite existing artifacts, create files in unintended locations if the path is attacker-controlled, or surprise users who expected read-only auditing.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal