Back to skill

Security audit

Diagram Flowchart Cellcog

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent CellCog diagram-generation integration, but users should treat prompts and shareable diagram URLs as potentially sensitive.

Install only if you are comfortable sending diagram prompts to CellCog and potentially creating shareable web outputs. Do not include secrets, credentials, regulated personal data, or internal-only architecture/network details unless you have verified CellCog's privacy and sharing controls for your use case.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill prominently encourages users to describe internal systems and says CellCog will produce interactive diagrams shareable by URL, but the description section does not clearly warn that generated outputs may be deployed as web pages accessible via a shareable link. Users may therefore submit sensitive architecture, network, org, or database details without realizing they could be exposed outside the local environment, creating a confidentiality and data-leak risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.