Security audit

BloodHound Narrator

Security checks across malware telemetry and agentic risk

Overview

This is a local BloodHound report generator that reads a user-supplied export and writes a local Markdown report, with one hardening caveat around how it loads bundled helper scripts.

Install and run this only from a trusted directory, do not override BH_NARRATOR_DIR, and protect both the BloodHound export and generated Markdown report because they can reveal sensitive domain weaknesses. PowerShell should be installed from a trusted source.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The script reads two local text files and executes them via ScriptBlock::Create and dot-sourcing, which turns file contents into arbitrary PowerShell code at runtime. Because the load path is influenced by BH_NARRATOR_DIR and fallback path resolution, an attacker who can modify those files or control the resolved directory can achieve arbitrary code execution when the skill runs.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.