Back to skill

Security audit

Operation Tracer

Security checks across malware telemetry and agentic risk

Overview

This skill is a local SQLite operation logger whose behavior matches its stated purpose, with privacy considerations around stored trace details.

Install only if you want local operational traces saved in the workspace. Treat the SQLite database as potentially sensitive because tool parameters, file paths, results, and errors may be recorded; run cleanup or restrict what metadata you pass if traces should not be retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly states that it records all tool calls, LLM calls, errors, and compression events and persists them to a SQLite database, but the description does not warn users that detailed operational metadata will be stored. This creates a transparency and privacy risk because paths, parameters, results, and error details may contain sensitive information that is retained for later analysis without clear disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.