Security audit

KWDB Troubleshooting

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a troubleshooting helper with some usability concerns, but the supplied evidence does not show hidden access, credential handling, persistence, destructive behavior, or exfiltration.

Install only if Chinese-language output is acceptable or you can override it. Before allowing any repository download, confirm the exact source, avoid executing downloaded code automatically, and prefer giving the agent a local project path when possible.
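The overview's three conditions for a repository download (confirm the exact source, do not execute fetched code automatically, prefer a local project path) can be enforced as a gate in front of the agent's download tool. The following is an added example written for this page; it is not code from the KWDB Troubleshooting skill or from SkillSpector. The allow-list, the requirement for a full commit SHA, and the consent wording are assumptions chosen to match that advice, not policy stated by the audit.

```python
"""Guard for an agent skill that proposes downloading a repository.

Added example for this audit page; not code from the KWDB Troubleshooting
skill or from SkillSpector. The policy it enforces is an assumption drawn
from the overview's advice: prefer a local project path, accept only https
URLs from an allow-listed host and owner, require a pinned commit, and never
run fetched code without explicit, informed consent.
"""
import os
import re
from dataclasses import dataclass
from typing import Dict, Optional, Set
from urllib.parse import urlparse

# Hypothetical allow-list (assumption): host -> owners whose repos may be fetched.
ALLOWED_SOURCES: Dict[str, Set[str]] = {"github.com": {"example-org"}}
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")


@dataclass
class Decision:
    allowed: bool
    reason: str
    consent_prompt: str = ""  # shown to the user before any network access happens


def vet_repo_request(url: str, ref: str, local_path: Optional[str] = None) -> Decision:
    """Decide whether a proposed repository download may proceed."""
    # A local checkout wins: no outbound connection, no new code enters the sandbox.
    if local_path and os.path.isdir(local_path):
        return Decision(True, f"using local path {local_path!r}; no download needed")

    p = urlparse(url)
    if p.scheme != "https":
        return Decision(False, f"refusing scheme {p.scheme!r}; only https is allowed")

    parts = [s for s in p.path.split("/") if s]
    if len(parts) < 2:
        return Decision(False, "URL does not name an owner and a repository")
    owner, repo = parts[0], parts[1].removesuffix(".git")

    if owner not in ALLOWED_SOURCES.get(p.hostname or "", set()):
        return Decision(False, f"{p.hostname}/{owner} is not an allow-listed source")

    # Branch and tag names move; a full commit SHA pins exactly what was reviewed.
    if not FULL_SHA.fullmatch(ref):
        return Decision(False, "ref must be a full 40-hex commit SHA, not a branch or tag")

    prompt = (
        f"About to make an outbound network connection to {p.hostname} and fetch "
        f"{owner}/{repo} at commit {ref}. This retrieves untrusted third-party code; "
        "nothing from it will be executed until you have reviewed it. Proceed? [y/N]"
    )
    return Decision(True, "source allow-listed and commit pinned; explicit consent required", prompt)


if __name__ == "__main__":
    sha = "0123456789abcdef0123456789abcdef01234567"
    for u, r in [("https://github.com/example-org/kwdb", sha),
                 ("https://github.com/example-org/kwdb", "main"),
                 ("http://github.com/example-org/kwdb", sha),
                 ("https://github.com/someone-else/kwdb", sha)]:
        d = vet_repo_request(u, r)
        print(d.allowed, d.reason)
```

The pin-to-commit rule is deliberately stricter than accepting a tag: a tag or branch can be moved by whoever controls the remote, so a review done against one tree may not apply to what the agent actually fetches later. The consent prompt is the piece the Missing User Warnings finding below says the skill lacks: it names the host, the exact tree, and the fact that the content is untrusted before the user is asked to approve.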

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Natural-Language Policy Violations

Severity: Medium
Confidence: 95%
Finding
The skill explicitly requires answering in Chinese regardless of the user's language or an established locale requirement. This can override user expectations, reduce transparency, and create safety and usability issues if the user cannot accurately understand diagnostic limitations or warnings. In a troubleshooting skill, a forced output language is not dangerous in the code-execution sense, but it can impair safe communication during incident response.

Natural-Language Policy Violations

Severity: Medium
Confidence: 95%
Finding
The skill hard-codes an output-language requirement with 'always reply in Chinese', overriding normal user preference and reducing user control over responses. This is not code execution or data exfiltration, but it is a prompt-level policy constraint that can cause denial of expected service, misalignment with user needs, or unsafe misunderstanding if the user cannot accurately read the output during an incident.

Natural-Language Policy Violations

Severity: Medium
Confidence: 94%
Finding
The skill hard-codes that responses must always be in Chinese, overriding user language preference without any documented justification tied to the task. In an incident-response or troubleshooting context, this can cause miscommunication, prevent operators from understanding diagnostics, and increase the chance of operational mistakes during outages.

Natural-Language Policy Violations

Severity: Medium
Confidence: 94%
Finding
This mode repeats the same unconditional requirement to always reply in Chinese, even when the user explicitly asks for a formatting template rather than a language change. For a troubleshooting skill handling logs, incidents, and system evidence, forced language output can degrade clarity, slow triage, and introduce avoidable errors in high-pressure situations.

Missing User Warnings

Severity: Low
Confidence: 87%
Finding
The skill explicitly instructs asking the user whether to download an external repository, but it does not require a clear warning that this action initiates network access and retrieves untrusted third-party code. In an agent setting, that omission can lead to surprising outbound connections, policy violations, or analysis of attacker-controlled content without informed user consent.
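Both finding types above, the unconditional "always reply in Chinese" directive and the download step that asks for permission without naming the network access and untrusted code involved, are detectable in a skill's instruction text before it is installed. The following linter is an added example written for this page; it is not SkillSpector's implementation, its regular expressions are a heuristic, and SAMPLE_SKILL is constructed text for illustration rather than the KWDB Troubleshooting skill's actual instructions.

```python
"""Lint an agent skill's instruction text for two finding types from this audit:
an unconditional output-language directive, and a repository-download step that
carries no warning about network access or untrusted third-party code.

Added example for this audit page; not SkillSpector's implementation, and the
rule wording is a heuristic. SAMPLE_SKILL is constructed for illustration and
is not the KWDB Troubleshooting skill's actual text.
"""
import re
from typing import List, Tuple

# "always/must ... reply/respond/answer ... in <Language>" within one sentence.
LANG_DIRECTIVE = re.compile(
    r"\b(always|must|regardless of)\b[^.\n]*?\b(reply|respond|answer)\b[^.\n]*?\bin\s+(\w+)",
    re.IGNORECASE,
)
# Words that make the directive unconditional rather than a default the user can change.
UNCONDITIONAL = re.compile(r"\b(always|regardless|no matter|even if)\b", re.IGNORECASE)
# A step that fetches a repository ...
DOWNLOAD = re.compile(r"\b(download\w*|clon\w+|fetch\w*)\b[^.\n]*\b(repo|repository)\b", re.IGNORECASE)
# ... should sit in the same paragraph as a warning about what that entails.
WARNING = re.compile(r"\b(network|internet|outbound|untrusted|third[- ]party|consent)\b", re.IGNORECASE)

Finding = Tuple[str, int, str]  # (rule id, paragraph index, detail)


def lint_skill(text: str) -> List[Finding]:
    """Return findings per blank-line-separated paragraph of a skill's instruction text."""
    findings: List[Finding] = []
    paragraphs = [p.strip() for p in re.split(r"\n\s*\n", text) if p.strip()]
    for i, para in enumerate(paragraphs):
        m = LANG_DIRECTIVE.search(para)
        if m and UNCONDITIONAL.search(para):
            findings.append(("natural-language-policy", i,
                             f"forces output language '{m.group(3)}' regardless of user"))
        if DOWNLOAD.search(para) and not WARNING.search(para):
            findings.append(("missing-user-warning", i,
                             "repository download without network/untrusted-code warning"))
    return findings


# Constructed sample skill text (not the real skill): one forced-language rule,
# one unwarned download step, and one download step phrased acceptably.
SAMPLE_SKILL = """\
# KWDB troubleshooting helper (constructed sample, not the real skill)

Always reply in Chinese, regardless of the user's language.

If the user has no local checkout, ask whether to download the repository
and then inspect the logs directory.

When the user provides a local project path, read config from there.

Ask before downloading the repository; warn that this makes an outbound
network connection and fetches untrusted third-party code.
"""

if __name__ == "__main__":
    for rule, idx, detail in lint_skill(SAMPLE_SKILL):
        print(f"[{rule}] paragraph {idx}: {detail}")
```

Run against SAMPLE_SKILL the linter reports the forced-language paragraph and the first download paragraph, and passes the last paragraph because it names the outbound connection and the untrusted code. The paragraph-level scope is a deliberate choice: a warning in a different section does not help an operator who is reading the download step in isolation.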

VirusTotal

46/46 vendors returned a clean verdict for this skill.