Security audit

测试用例表编写

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Excel test-case table helper, with a normal caution that it can create or overwrite a local workbook.

Install this only if you want the agent to create or edit local Excel test-case files. Before use, provide the exact workbook path, decide whether edits should be saved in place or as a copy, and back up important spreadsheets.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly creates and saves a local Excel file using a fixed filename, and also loads and overwrites that same file, but it does not require confirmation, warn about filesystem modification, or constrain where writes occur. In an agent context, this can lead to unintended local file creation or silent overwriting of user data, especially if the assistant executes these steps automatically.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal