Principal Agent Audit

Security checks across malware telemetry and agentic risk

Overview

This is a local agent-audit helper that may review sensitive agent context, but its access is disclosed, bounded, and aligned with its purpose.

Install this only if you want a local audit helper that can inspect agent memory, notes, learnings, installed skills, and scheduled-work context. Because implicit invocation is enabled, use clear prompts when requesting audits and require explicit approval before any edits, scheduler changes, authentication changes, publishing, or network lookups.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The default prompt is broad enough to activate on common audit-related phrasing and it authorizes review of sensitive areas like memory, learnings, skills, and scheduled work without explicit scope or approval boundaries. Combined with allow_implicit_invocation: true, this increases the chance of unintended triggering and overbroad inspection of internal state or operational data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal