虾安全

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a local audit tool whose persistence is purpose-aligned, but it may leave audit history on disk that users should treat as sensitive.

Install only if you are comfortable with the skill keeping local audit snapshots and alert logs. On shared machines or systems with broad backups, review or periodically delete those files and restrict access to the audit directory.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The script saves full audit results to timestamped snapshot files under the user's home directory. Those results can contain sensitive metadata about the agent workspace, including filenames, findings, and potentially excerpts-derived indicators about identity, memory, and installed skills, creating a privacy and persistence risk if other local processes or users can read them.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The alert logger appends security findings to a persistent log file without any explicit consent or notice. Repeated logging can accumulate sensitive operational details about the user's workspace and detected issues, which may later be exposed through local compromise, backups, or shared environments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal