Back to skill

Security audit

Lerwee Fault Handling

Security checks across malware telemetry and agentic risk

Overview

This skill is openly for server fault handling, but it gives an agent broad remote script-execution power that can restart services or clean disks without enough containment guidance.

Install only if you intentionally want this agent to run scripts on your servers. Use a least-privilege, revocable API secret; verify the lwops endpoint and publisher; require manual confirmation of exact hosts and script content; avoid broad multi-host runs; and redact command output before sharing logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill is designed to run remote scripts, restart services, and perform disk cleanup, all of which can disrupt production systems, but it does not present a clear user-facing warning about operational risk before execution. In this context, omission of disruption warnings is dangerous because users may trigger high-impact actions without understanding downtime, service interruption, or destructive side effects.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to return per-host stdout in the final report without warning that command output can contain sensitive information such as filesystem paths, usernames, tokens, service configs, or application data. Because this skill queries remote execution results across hosts, exposing raw stdout materially increases the chance of leaking confidential operational data back to users or logs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.