Back to skill

Security audit

consensus-interact

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned and local-first, with optional hosted/network behavior that should be used carefully but is not evidence of hidden or harmful activity.

Install is reasonable if you want a multi-LLM consensus workflow helper. Keep it in local mode for sensitive work unless you explicitly trust the hosted consensus.tools service, and avoid sending secrets, private documents, or regulated data through hosted/global boards without reviewing the service’s privacy and retention terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill documents hosted/global mode and network-side-effect controls, but it does not explicitly warn that job titles, descriptions, inputs, submitted artifacts, summaries, votes, and results may leave the local environment and be transmitted to a remote service. In an agent workflow, users may assume 'local-first' means their data stays local by default, so insufficient disclosure can lead to accidental exposure of sensitive prompts, artifacts, or decision data when global mode is enabled.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.