Service Watchdog

Security checks across malware telemetry and agentic risk

Overview

This monitoring skill is purpose-aligned, but it has under-disclosed security flaws that users should review before running it on trusted machines or in cron.

Install only if you trust and control watchdog.json and the endpoints being monitored. Prefer installing nc or ncat so the bash /dev/tcp fallback is not used, consider removing the default curl --insecure behavior before relying on HTTPS results, and use --no-history or a private history_file path if service inventory or outage history is sensitive.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

High

Confidence: 99% confidence
Finding: The HTTP health check invokes curl with --insecure, which disables TLS certificate validation for all HTTPS requests. That means a service with an invalid, self-signed, expired, or attacker-intercepted certificate can still be reported as healthy, undermining the integrity of monitoring and potentially masking man-in-the-middle attacks or certificate misconfiguration.

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: TLS verification is silently disabled without any user-facing indication, so operators may believe they are performing trustworthy HTTPS monitoring when they are not. In this watchdog context, that is especially dangerous because the script separately reports SSL expiry details, which can create a false sense of security while authenticity checks are completely bypassed.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal