Prisma Access All-in-One

Security checks across malware telemetry and agentic risk

Overview

This skill appears to manage live security configuration and includes deletion and push operations without enough visible guardrails.

Review before installing or using this against a real tenant. Only use it with credentials scoped to the minimum required folders/resources, and require the agent to show the exact tenant, folder, resource type, immutable object ID, and planned effect before any delete or config push. Prefer dry-run or read-only use until the skill documents explicit destructive-action safeguards.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documents destructive API operations, including delete, without an explicit safety warning, scoped confirmation flow, or guardrail specific to deletion. In an agent setting, that increases the chance that a vague or misinterpreted user request could lead to irreversible configuration removal in a production tenant.

Tool Parameter Abuse

High
Category: Tool Misuse
Content
**Update**: `PUT /sse/config/v1/{resource}/{id}` with JSON body

**Delete**: `DELETE /sse/config/v1/{resource}/{id}`

**Push Config**: `POST /sse/config/v1/config-versions/candidate:push`
Confidence: 94%
Finding
`DELETE /sse/config/v1/{resource}/{id}`

VirusTotal

66/66 vendors flagged this skill as clean.
