Digital Forensics Tools

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward external API guide for digital forensics tool recommendations, with a privacy caution around the profile and session data users submit.

Install only if you are comfortable sending assessment profile details to the external API. Avoid submitting confidential case information, client names, regulated personal data, or unnecessary identifiers; omit or pseudonymize userId when possible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill solicits and transmits user profiling data such as experience, focus areas, certifications, timestamps, session identifiers, and optional user IDs to an external assessment API, but it provides no privacy notice, retention policy, sharing constraints, or data-handling limitations. In a security/forensics context, this metadata can reveal employee capability gaps, team structure, investigative focus, and potentially identifiable information, creating unnecessary privacy and operational exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal