Security audit

Game Feedback Audit

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only game audit skill that asks an agent to review feedback quality and write three audit files, with no scripts, network use, credentials, or persistence.

Install this if you want an agent to assess a game project's feedback clarity and generate audit documents. Keep access scoped to the target repository and review changes under docs/game-studio/audit/ before committing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 89% confidence
Finding: The skill explicitly instructs the agent to update multiple repository files, but it does not clearly warn the operator that running the skill will perform write actions. This can lead to unexpected file modifications, reducing user consent and auditability, especially in environments where skills are assumed to be read-only unless stated otherwise.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal