Back to skill

Security audit

Hexstrike

Security checks across malware telemetry and agentic risk

Overview

This is a transparent offensive-security skill, but it enables broad command-line scanning and credential-attack workflows that need careful review before use.

Install only if you intend to use it for CTFs, owned lab systems, bug bounty scopes, or professional work with written authorization. Review every command before execution, confirm the target scope, avoid credential attacks unless explicitly permitted, run unknown binaries and scans in isolated environments, and do not let the agent perform privileged installs or long-running scans unattended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill clearly instructs direct execution of network-capable security tools via exec, but the manifest does not declare corresponding permissions or capability boundaries. This creates a transparency and governance gap: a reviewer or runtime may underestimate that the skill can perform active network actions, including scans and enumeration.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger list is extremely broad and overlaps with many ordinary security-help queries, making accidental invocation likely. In a skill that can drive offensive tooling and network actions, overbroad activation increases the chance of the assistant entering a high-risk workflow without sufficiently specific user intent or authorization context.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation explicitly tells the agent to execute security tools directly via exec, including reconnaissance and scanning workflows, but does not require a strong upfront warning, authorization check, or hard safety interlock before invasive actions. Because the skill is designed for offensive security tasks, this omission materially raises the risk of unauthorized scans, subprocess execution, and potentially disruptive actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This file provides a step-by-step offensive reconnaissance and penetration testing workflow, including active scanning, vulnerability scanning, brute-forcing, and exploitation-oriented commands, but it does not include any authorization, scope, safety, or rate-limiting guidance. In a broadly triggered skill explicitly marketed for pentesting and red-team tasks, that omission materially increases misuse risk and may lead users to run intrusive actions against unauthorized targets.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This reference provides concise commands for scanning, enumeration, brute forcing, and exploitation-adjacent tooling without any guardrails, authorization requirements, rate-limit cautions, or legality warnings. In a skill explicitly designed for offensive security and red-team tasks, such omission materially increases the chance of misuse or unsafe execution against unauthorized targets.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
### Tool Installation
If critical tools are missing, suggest install commands:
- **Debian/Ubuntu**: `sudo apt install <package>`
- **pip tools**: `pip3 install <package>`
- **Go tools**: `go install <repo>@latest`
- **Kali Linux**: Most tools pre-installed; `sudo apt install kali-tools-*` for categories
Confidence
72% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
- **Debian/Ubuntu**: `sudo apt install <package>`
- **pip tools**: `pip3 install <package>`
- **Go tools**: `go install <repo>@latest`
- **Kali Linux**: Most tools pre-installed; `sudo apt install kali-tools-*` for categories

### Long-Running Scans
Use `exec` with `background: true` and `yieldMs` for scans that take minutes:
Confidence
72% confidence
Finding
sudo

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.