数据库健康监控 (Database Health Monitoring)

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate database/monitoring helper, but it can query live infrastructure from broad prompts without clearly warning users about that access.

Install only if you intend the agent to access your database or monitoring systems. Use least-privilege credentials, prefer read-only production access, and require explicit target names and confirmation before running health, history, or diagnostic queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
Broad trigger phrases like '检查健康' ("check health") or '看历史' ("view history") can cause unintended activation of a skill that may directly connect to databases or external monitoring systems. In this context, accidental execution can expose operational metadata, initiate unplanned queries, or cause the agent to act on ambiguous conversational input without clear user confirmation.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly states it may use direct database connections, Zabbix, or Prometheus, but it does not warn users that invoking it can query live infrastructure or external monitoring backends. That omission is risky because users may trigger sensitive operational actions without understanding data access scope, which increases the chance of unintentional information disclosure or unauthorized querying in shared agent environments.

VirusTotal

64/64 vendors flagged this skill as clean.
