Response Speed Test

Security checks across malware telemetry and agentic risk

Overview

This is a coherent response-time benchmarking skill with minor privacy cautions around exported probe metadata.

Install only if you want local performance benchmarking. Avoid using sensitive prompts in LLM probe tests, review JSON or Markdown reports before sharing them, and only add the HEARTBEAT.md recurring benchmark line if you want periodic runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The probe stores the first 100 characters of the supplied prompt in result metadata, which can expose sensitive user input, secrets, proprietary prompts, or personal data to logs, telemetry sinks, or downstream consumers. In a monitoring/probing component, this is especially risky because metadata is often retained longer and shared more broadly than the original request path.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal