zeh-local-inspector

Security checks across malware telemetry and agentic risk

Overview

This is a small read-only local directory inspector that reports the current folder and a short list of entry names.

Install only if you are comfortable with the agent revealing the current folder path and a small top-level directory listing. Use it in directories where that metadata is acceptable, and review updates before enabling future versions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill instructs the agent to run a local inspection script that necessarily reads from the working directory, but the manifest does not declare any corresponding file-read permission. This creates a transparency and policy-enforcement gap: reviewers and permission systems cannot accurately assess or constrain what the skill can access locally.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The invocation condition, 'when the user asks to inspect the local environment in a safe and minimal way,' is vague and broad, which can cause the skill to activate for loosely related requests. In a local-inspection skill, over-broad triggering increases the chance of unnecessary filesystem access and disclosure of sensitive workspace information.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal