ARTA: Agentic Real-Time Awareness

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed in-memory session-awareness helper, but it can reveal other active session metadata if installed in a shared or multi-user agent.

Install only for agents where cross-session awareness is intended. In shared or multi-user deployments, add authorization and redaction so one user cannot learn another user's channel, identity, or task details unless that disclosure is explicitly allowed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The example explicitly instructs the agent to reveal other active sessions' channels and tasks to the current user, creating a cross-session privacy and information-segregation failure. Even though this is presented as sample code in a template, it normalizes unauthorized disclosure of operational metadata that could expose user identities, communication endpoints, and sensitive work context.

Ssd 3

Medium

Confidence: 96% confidence
Finding: The natural-language behavior guidance tells the agent to answer 'What are you doing elsewhere?' by disclosing other channels and tasks, which leaks information across unrelated conversations. In multi-user or multi-channel deployments, this can reveal sensitive activities, relationships, and internal routing details to unauthorized users.

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal