Back to skill

Security audit

tableregistry

Security checks across malware telemetry and agentic risk

Overview

This skill is a local table-building helper with a disclosed, opt-in local canary preview file; use synthetic or non-sensitive data.

Install only if you want a local Markdown/CSV table generator. Use synthetic or non-sensitive records, avoid production secrets, and enable canary mode only when you intentionally want a local audit preview file that may contain record values.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
The skill description emphasizes safe local table generation, but the body introduces additional behavior: reading a profile file to gate canary behavior and writing an extra audit artifact to a separate directory. This mismatch can mislead users and reviewers about what the skill actually does, increasing the chance that sensitive record previews are written unexpectedly or that the skill is invoked in contexts broader than intended.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill advertises building local Markdown and CSV table artifacts, but it also conditionally writes an additional JSONL log file containing a preview of the generated registry data. This creates an undocumented side-effect and can copy potentially sensitive record contents into a second location, increasing data exposure and making audit expectations inaccurate.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The code includes local canary synchronization behavior unrelated to the core function of table/registry generation. Even though gated by flags and profile values, it introduces covert data propagation logic that can duplicate output content into another directory, which is risky in a skill that may process audit, customer, or compatibility records.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The canary sync appends a JSONL entry containing target directory details and up to 2000 characters of registry preview data without any explicit user-facing warning beyond a technical flag. This can silently persist sensitive table contents in an additional local file, surprising users and creating secondary storage that may be overlooked during cleanup or access reviews.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.