Back to skill

Security audit

SQL Query Reviewer

Security checks across malware telemetry and agentic risk

Overview

This is a simple SQL review instruction file with no executable code, though it asks the agent to remember aggregate issue patterns across reviews.

Safe for normal SQL review use. Do not paste secrets, production customer data, proprietary schemas, or sensitive business logic unless you trust the agent environment; disable or avoid persistent memory if you do not want aggregate SQL issue patterns retained across reviews.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Ssd 3

Medium
Confidence
92% confidence
Finding
The instruction to track the most common findings across reviews and, after 20 reviews, report aggregate anti-patterns implies retention of information derived from prior users' inputs. In a multi-user agent environment, this creates a cross-session memory channel that can leak sensitive details or behavioral patterns from previous reviews into later outputs, even if only in summarized form.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.