Back to skill

Security audit

Db Explorer

Security checks across malware telemetry and agentic risk

Overview

This database helper is mostly coherent, but it includes powerful restore, migration, and export examples that could alter or expose sensitive databases without enough per-action warning.

Review this skill before installing if it may be used against production or sensitive databases. Use least-privilege read-only credentials by default, require explicit approval for exports, restores, migrations, or full-table reads, and avoid running backup/restore examples unless you have verified destination paths and rollback plans.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill is presented as a database exploration/query tool, but it also includes backup, restore, and migration operations that can modify systems and move large volumes of data. This expands the operational scope far beyond read-only inspection and increases the chance an agent performs destructive or unauthorized actions under an exploratory pretext.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The skill promises read-only defaults and confirmation for writes, but later provides direct restore and data-loading commands that bypass that stated safeguard. This inconsistency is dangerous because agents may follow executable examples rather than policy text, leading to accidental writes, restores, or data corruption.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Broad activation phrases such as 'check the database' or 'show me the data' make it easier for the skill to trigger in ambiguous contexts and obtain access to sensitive systems or data unnecessarily. Overbroad invocation increases the risk of unintended database interaction, especially when the same skill also documents write-capable and export-capable actions.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
Export, backup, and restore behaviors are documented without strong user-facing warnings about data sensitivity, storage location, performance impact, or destructive consequences. That omission can lead to accidental exfiltration, overwriting of existing data, or service disruption when an agent executes these operations in production-like environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.