Back to skill

Security audit

Value Proposition Canvas

Security checks across malware telemetry and agentic risk

Overview

This documentation-only workshop skill organizes user-provided research into local Markdown files; the main caution is handling private research data carefully.

Install only if you are comfortable giving the agent research material and saving derived Markdown files locally. Use a dedicated project folder, redact names, emails, employer secrets, and client-confidential details first, and explicitly choose the output path before the workshop starts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The skill first declares Step 0 'non-negotiable' and says the agent must not proceed or choose a path until the user explicitly provides one, but later says that if the user does not specify a path the agent saves to the current working directory. That contradiction can cause an agent implementation to fall back to implicit local writes, undermining the user-consent boundary around file creation and creating a path-confusion/persistence risk.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs the agent to create and update multiple local files during the workflow, including possibly user-provided absolute paths, but it does not require a clear warning that content will be persisted to disk and may overwrite or expose sensitive research material. In a research-ingestion context, transcripts and interview notes often contain confidential or personal data, so silent persistence increases privacy and integrity risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs users to gather and later provide transcripts, recordings, screenshots, files, links, and notes from interviews, but it does not mention informed consent, minimization of personal data, secure handling, or redaction before sharing with the agent. This creates a real privacy and compliance risk because research artifacts often contain personally identifiable information, employer-confidential details, and sensitive behavioral data that could be unnecessarily exposed to the system or stored in project folders.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill explicitly instructs the agent to ingest interview transcripts, messy notes, and quotes, then write derived files, but it provides no guidance on handling potentially sensitive research data such as personal identifiers, confidential product details, or customer statements. In a research-ingestion workflow, this omission can lead to unnecessary collection, propagation, and storage of sensitive content in generated artifacts or insecure locations.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The methodology authorizes saving artifacts to a user-specified path without explicit safety constraints, confirmation requirements, or path restrictions. In an agentic environment, this can enable unintended file creation or overwriting in sensitive locations if a user or upstream prompt supplies a dangerous path.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.