Back to skill

Security audit

AI Company KB (EN)

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended for shared operational knowledge and handoff workflows, but it asks for broad file and network authority over sensitive business records without enough scoping or user-facing privacy controls.

Review before installing. Only use this skill in a workspace where you are comfortable with an agent reading, writing, retaining, and potentially syncing operational records. Configure it with narrow folders/resources, avoid secrets and regulated records unless explicitly intended, and require explicit confirmation before writes, cloud sync, deletion, or access to financial, legal, HR, security, or audit data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The manifest trigger list is overly broad and includes common workplace phrases such as 'knowledge base', 'audit log', and 'Handoff', which can cause unintended activation in ordinary conversations. Because this skill has file write and network API permissions and is designed to access sensitive records and shared state, accidental invocation could lead to inappropriate data access, modification, or sync operations.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger scenario section says to invoke whenever an agent 'needs to' save/read logs, update shared state, access strategy or financial records, or perform handoff, but it does not define strict activation boundaries or authorization checks. In a multi-agent environment with cross-agent sharing and zero-handoff sync, this ambiguity increases the chance that the skill is invoked in contexts where sensitive data should not be read or written.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises unified management of operations records, strategy documents, audit logs, cross-agent sharing, and real-time sync, while the manifest grants file read/write and network API access, yet there are no user-facing warnings about privacy, data sensitivity, persistence, or external synchronization. Given the explicit handling of financial, legal, HR, security, and audit data, this omission materially increases the risk of users or agents invoking powerful operations without informed consent or awareness of data exposure.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.