Back to skill

Security audit

Log Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill is a Playwright trace-inspection helper whose access to logs, requests, snapshots, and errors is expected for debugging user-provided trace files.

Install if you want an agent to inspect Playwright traces from the command line. Treat trace files as potentially sensitive because they can include cookies, tokens, request bodies, console logs, DOM content, screenshots, and attachments; redact or limit traces before sharing outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill encourages analysis of system logs, which commonly contain sensitive operational data such as IP addresses, usernames, hostnames, request paths, tokens, and internal error details. Without an explicit warning or handling guidance, users may expose confidential infrastructure information to the agent or in generated summaries more readily than intended.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.