Wb Troubleshooter

Security checks across malware telemetry and agentic risk

Overview

This is a simple local Western Blot troubleshooting helper with no evidence of network access, credential use, persistence, or file modification.

Reasonable to install for basic troubleshooting guidance. Treat the lab recommendations as general suggestions, and note that the skill is marked Draft and its documentation slightly overstates parameters and file access compared with the current script.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill metadata explicitly states that local Python/R scripts may execute and that the skill may read input files and write output files, but the document does not provide a clear user-facing warning, consent model, or concrete scope restrictions for those actions. In an agent setting, this can mislead users about operational behavior and increase the risk of unintended file access, overwrites, or execution of unsafe local code if the surrounding runtime trusts the skill description.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal