Back to skill

Security audit

Aloudata CAN SKILLS - anomaly-detection

Security checks across malware telemetry and agentic risk

Overview

This is a coherent metric-anomaly checking guide with no executable install code, though users should watch its broad trigger wording and delegated data access.

Install only if you want an agent to judge whether business metrics look normal or abnormal. Confirm that the delegated metric-query skill is trusted and properly permissioned, and expect the agent to ask for scope before broad or vague health checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The skill documentation contains contradictory instructions about data access boundaries: earlier sections repeatedly state that all queries must be delegated to the metric-query skill and that this skill must not call the Gateway API directly, while the later boundary section says it calls metric-query's query capability 'through Gateway API'. This ambiguity can cause an implementing agent to bypass the intended isolation layer and make direct API calls, weakening authorization, auditing, and enforcement controls.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger conditions are extremely broad and include many ordinary phrases such as '帮我看看有没有问题', '检查一下XX', '有没有风险', and similar ambiguity-driven requests. Overbroad routing can cause this skill to intercept general user queries, perform unnecessary data lookups, or make normative judgments when the user only wanted simple retrieval, increasing the chance of unauthorized or unintended actions in multi-skill systems.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.