Security audit

Qa Test Data Engineering

Security checks across malware telemetry and agentic risk

Overview

This test-data skill is not malicious, but it needs review because it gives database cleanup and mutation guidance without enough safeguards against use on real data.

Install only if users understand it is for isolated test-data workflows. Before using any generated SQL or API calls, require confirmation that the target is a test environment, verify affected rows with SELECT or dry-run output, use transactions or backups, and restrict cleanup to explicitly tagged test data with tenant or project scoping.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The activation conditions are broad enough to match common phrases like '敏感数据' or '数据合规', which can cause the skill to trigger outside its intended testing-data scope. That increases the chance the agent applies bulk data generation, masking, or cleanup guidance in an inappropriate context, potentially affecting real data handling decisions.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill includes destructive SQL deletion examples and cleanup strategies without explicit safeguards, scope checks, or warnings about targeting production versus test environments. In a data-engineering skill, that is more dangerous because users may adapt the snippets directly, leading to accidental deletion of non-test records or broad data loss if markers like is_test are missing or misused.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal