Security audit

Suricata Alert Report

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Suricata log-reporting helper, with no executable installer or hidden persistence, though users should expect it to read sensitive IDS alert data.

Install only on hosts where you are comfortable letting the agent read Suricata alert logs and operational sensor status. Treat generated reports as potentially sensitive, because they may contain internal and external IPs, alert signatures, interface names, and alert volumes, and be aware that the template adds promotional links in the report footer.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Severity: Medium

Confidence: 91%

Finding
The skill reads local security logs and sensor/runtime status from `/var/log/suricata/` and related tooling, but the description does not clearly warn users that local operational security data will be accessed. This can lead to informed-consent failures and unintentional disclosure of sensitive infrastructure details such as source IPs, signatures, interfaces, and alert volume.

VirusTotal

64/64 vendors flagged this skill as clean.
Static analysis

No suspicious patterns detected.