Palo Alto Hardening

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward third-party API wrapper for generating Palo Alto firewall hardening configurations, with no local code execution or hidden system access shown.

Install only if you are comfortable sending firewall hardening choices and request metadata to the listed third-party API. Use sanitized inputs first, avoid credentials and full sensitive firewall configurations, and prefer pseudonymous session or user identifiers unless your organization has approved the provider’s data handling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly requires `sessionId`, `timestamp`, and optionally `userId` for audit trail, rate limiting, and attribution, but it does not disclose retention, sharing, minimization, or privacy implications. In a security-focused tool, users may provide identifying or correlatable metadata by default, which creates unnecessary tracking exposure and potential privacy/compliance risk if sent to a third-party service.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal