Security audit

VCF SDDC Manager Errors

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate VCF log-troubleshooting skill, but it needs review because it uses a Log Insight bearer token to fetch potentially sensitive logs with broad scoping and TLS verification disabled.

Install only if you trust the configured Log Insight endpoint and can use a least-privileged, read-only token. Consider editing the command to remove curl -k where possible, add explicit SDDC Manager/vCenter and severity filters, and require confirmation before fetching logs because returned log text may expose sensitive infrastructure details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 86%
Finding
The activation wording is broad enough that ordinary troubleshooting requests could trigger this skill unexpectedly, causing it to access external systems and retrieve sensitive operational logs without sufficiently specific user intent. Because the skill uses stored credentials and performs network queries, overbroad invocation increases the chance of unintended data exposure or unnecessary secret-backed actions.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.