Back to skill

Security audit

ai-qa-agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent QA-review helper that reads deliverables and produces a report, with a disclosed but worth-noting local report file save.

Install this if you want structured QA reports for code, data, documents, and brand voice. Before using it on sensitive material, remember that it instructs the agent to save the generated report locally at a fixed path, so reviewed content may remain on disk; use chat-only output or a user-chosen path if that matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
85% confidence
Finding
The skill instructs the agent to write a QA report to a fixed local path, which exceeds a pure review/report role and introduces an unnecessary side effect. In agent environments, implicit file creation can overwrite existing files, leak reviewed content into persistent storage, or be abused when the user only intended an in-chat assessment.

Vague Triggers

High
Confidence
93% confidence
Finding
The trigger criteria are extremely broad and can activate the skill for many generic requests involving review, checking, approval, or final passes. Over-broad activation increases the chance that the wrong skill runs on unrelated content, causing unintended file access, unnecessary processing, or execution of workflow steps such as report generation without the user's specific intent.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
Saving a QA report to disk without warning the user about file creation or overwrite risk creates an implicit write capability. This is dangerous because it can unexpectedly persist sensitive review content, clobber existing files at the target path, or violate least-surprise expectations in a supposedly review-oriented skill.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.