Strykr Qa Bot

Security checks across malware telemetry and agentic risk

Overview

This is a coherent QA testing skill for the Strykr website, with expected browser automation, screenshots, reports, and local test output.

Install only if you intend to run automated tests against Strykr or an authorized test environment. Review or secure generated screenshots, console logs, and reports before sharing them, and pin the web-qa-bot dependency for repeatable CI runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 90% confidence
Finding: The README explicitly promotes screenshot capture and report generation for QA runs but does not warn users that these artifacts can contain sensitive UI content such as account data, API responses, chat prompts, or other proprietary information visible during testing. In a CI/CD-ready testing skill, this omission increases the chance that screenshots and reports are stored, shared, or retained insecurely by default.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal