Security audit

monitoring-specialist

Security checks across malware telemetry and agentic risk

Overview

This documentation-only monitoring skill is coherent, but its example snippets should be sanitized before production use.

Install only as guidance material. Do not copy the examples into production unchanged: use secret-managed low-privilege synthetic test accounts, redact logs/traces/screenshots, avoid raw user identifiers or full URLs in telemetry, and send alerts only to approved internal destinations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The synthetic monitoring example goes beyond passive observability and performs real browser interactions, including login attempts, screenshots, and alerting side effects. In a reference examples file, this can encourage operators to run active automation against production systems without guardrails, creating risks around unintended account activity, sensitive data capture, and operational side effects.

Missing User Warnings

Medium
Confidence: 90%
Finding
The Logstash example forwards log-derived error content to a Slack webhook, which can transmit sensitive operational or user data outside the primary logging environment. Because the example lacks any warning, filtering, or redaction guidance, users may copy it directly and leak secrets, PII, or internal error details to external services.

Missing User Warnings

Medium
Confidence: 88%
Finding
The tracing example records user and request attributes and exports telemetry to Jaeger and downstream HTTP destinations without privacy or minimization guidance. This can normalize collecting identifiers and URLs in traces, which may expose personal data, secrets in URLs, or sensitive service interaction details across observability backends.

Missing User Warnings

High
Confidence: 98%
Finding
The synthetic monitoring script includes hardcoded credentials and captures screenshots during failure handling, creating a concrete risk of credential exposure and capture of sensitive application content. In addition, alerts referencing failure details can spread sensitive information further if reused in real environments.

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

Detected: suspicious.generated_source_template_injection

User-controlled placeholder is embedded directly into generated source code.

Critical
Code: suspicious.generated_source_template_injection
Location: references/examples.md:291