Security audit

SDD Archive

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed documentation-archiving skill that reads feature specs and related code, updates local spec files, generates optional diagrams, and moves the feature into an archive.

Install this if you want an agent to read feature specs and related implementation files, update spec/global documentation, generate diagram images through /gen-image, and move completed feature directories into spec/archive. Use version control and review diffs before accepting archive changes, especially on private projects where architecture details should not be sent to external image-generation tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
During the archiving workflow, this skill invokes the external `/gen-image` capability and sends descriptions extracted from the global and domain documentation to it for image generation, even though its declared core purpose is only archiving and knowledge-base updates. This introduces an external capability call, and a potential data-egress surface, that is not strictly necessary for the task; in particular, because the skill scans design documents and the actual code first, the generated prompt may contain sensitive implementation details such as architecture, dependencies, and component relationships.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill requires reading `spec-design.md` and scanning actual code files, and may additionally invoke `/gen-image`, but it does not clearly inform the user that this content may be used in external capability calls or leave the local context. As a result, users may expose internal code structure, design decisions, and system-boundary information without being adequately informed, which is a typical privacy and data-handling transparency gap.

VirusTotal

59/59 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.