Back to skill

Security audit

Log Parser Insight Engine / 日志解析洞察引擎

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only log parsing skill with expected log-data sensitivity but no install scripts or hidden execution behavior.

Install only if you are comfortable using an agent to inspect operational logs. Limit it to logs needed for the task, avoid feeding secrets or unnecessary personal data, redact sensitive fields before sharing outputs or dashboards, and review any external monitoring export before enabling it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The skill explicitly encourages parsing system and authentication logs, which commonly contain sensitive data such as usernames, IP addresses, hostnames, tokens, session identifiers, and personal data. Because the documentation provides operational examples without any warning, minimization guidance, or redaction requirements, users may ingest and expose sensitive log contents into structured outputs, dashboards, or downstream integrations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.