Back to skill

Security audit

error-detective

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only debugging skill whose examples need care if reused, but the installed skill does not run code or secretly collect data.

Safe to install as a debugging prompt skill. Before reusing the TypeScript example in a real project, restrict file reads to the intended workspace, validate stack-frame paths, redact sensitive logs and source snippets, and make any metrics or telemetry explicit and opt-in.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The example skill is presented as a debugging/root-cause-analysis utility, but it initializes a MetricsCollector with a configurable external endpoint and later emits investigation metadata. That creates a hidden data-flow from local error analysis into network telemetry, which can expose internal error types, root-cause labels, and other potentially sensitive operational details beyond the user’s expected scope.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The code explicitly reports analysis results via this.metrics.track('error.investigated', ...) without any minimization or consent boundary. Even though the sample payload is small, debugging metadata can reveal application behavior, failure modes, and environment characteristics, and the surrounding code processes stack traces and source context, increasing the sensitivity of the overall feature.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill description is broad and generic enough to match a wide range of ordinary debugging or troubleshooting requests, which can cause the agent to invoke this skill outside a narrowly intended scope. Overly broad routing increases the chance of mis-selection, unintended context capture, and expansion of the skill’s influence over user interactions.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The constructor wires in a metrics endpoint with no user-facing warning that debugging activity may send analysis-derived data to an external service. In a debugging skill, users reasonably expect local inspection; silent telemetry changes the trust model and can lead to unintentional disclosure of internal operational data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.