Agent Audit Log

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local audit-log helper, but its setup script can silently erase the current day's audit log if run again.

Install only after reviewing or patching scripts/init_audit.sh so it creates the daily JSONL file only when missing instead of truncating it. Keep audit logs private, exclude them from public exports, and record only metadata for secret-related events, never raw credential values.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The README explicitly encourages logging high-value actions including secret injection events, but it does not warn against recording secret values or other sensitive payloads in the audit trail. In an audit-logging skill, that omission can easily lead users or downstream agents to persist credentials, tokens, or private configuration data into JSONL logs and indexes, creating a secondary exposure surface.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal