Sentinel — Agent Security Layer

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local security filter, but its broad pipeline instructions and misleading clean mode could cause users to trust unsafe sanitized content.

Review this before installing in production. Treat --clean as best-effort redaction, not proof that content is safe for an agent; prefer fail-closed blocking for untrusted content. Protect or rotate ~/.sentinel logs because they may contain prompt, output, or secret snippets, and only modify premium pattern files or scripts from trusted sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
In --clean mode, the script claims to provide sanitized output, but it only applies redaction against a subset of English pattern arrays. Threats detected via multilingual, extended, or premium checks can remain in the returned content, so downstream agents may still process prompt-injection or exfiltration payloads that users believed were removed.

Missing User Warnings

Medium
Confidence: 88%
Finding
The integration instructions require piping all external content through cleaning/blocking logic and all outputs through monitoring, but the description does not clearly warn that this may alter content flows, block responses, and write audit data to disk. Undisclosed interception and logging can cause silent data loss, privacy issues, and operational breakage in production environments.

VirusTotal

57/57 vendors flagged this skill as clean.
