Back to skill

Security audit

Cloud Misconfig Scanner

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate cloud security scanner, but it asks users to send cloud credentials to a third-party API without enough limits or secret-handling guidance.

Review carefully before installing or using. Use only temporary, read-only credentials scoped to the minimum cloud account, region, and resources needed. Do not provide root, admin, production, or long-lived credentials unless you have independently verified the provider’s security, privacy, logging, retention, and deletion practices. Revoke or rotate credentials after use and monitor cloud audit logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly requires provider credentials to be sent to an external scanning service, but it does not warn users that highly sensitive cloud authentication material will leave their environment. In the context of a cloud security scanner, these credentials may grant broad read access and sometimes privileged API scope, so undisclosed transmission materially increases the risk of account compromise, unauthorized inventory access, and downstream abuse if the service is breached or misused.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The sample request normalizes submission of access_key_id and secret_access_key without any surrounding warning not to paste production secrets or without guidance to use temporary, scoped credentials. Even though the values appear example-like, this pattern encourages users to place real cloud secrets into prompts or API calls, which is especially dangerous for a third-party security scanning service handling sensitive infrastructure access.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The API exposes a cloud scanning operation but the OpenAPI spec does not constrain scope, target accounts, regions, or resource boundaries, making it unclear what infrastructure may be scanned when invoked. In an agent setting, this ambiguity can lead to overbroad actions against unintended cloud environments, especially if the caller supplies powerful credentials.

Missing User Warnings

High
Confidence
95% confidence
Finding
The request schema requires a generic credentials object but provides no warning, structure, or handling guidance for highly sensitive secrets being transmitted to the service. In practice, this increases the chance that users or agents send long-lived cloud keys insecurely, log them inadvertently, or provide overly privileged credentials, which could enable full compromise of cloud environments if mishandled.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.