Smart Summary (智能摘要)

Security checks across malware telemetry and agentic risk

Overview

This summarizer does what it claims, but users should only give it files or URLs they intend it to read.

Install only if you are comfortable with a simple Python summarizer that can read files you name and fetch URLs you provide. Avoid passing confidential documents, tokenized links, localhost, intranet, or cloud metadata URLs unless you specifically intend the agent to process that content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The markdown states that the skill will automatically fetch webpage content from a provided URL, but it does not warn users that this triggers network access or may send URL/content to external services for processing. This is dangerous because URLs and fetched content can contain sensitive internal links, tokens, or private information, and silent retrieval can create privacy and SSRF-like risk depending on the runtime.

Missing User Warnings

Low
Confidence: 87%
Finding
The skill fetches arbitrary user-supplied URLs with requests.get() and no validation of scheme, host, IP range, or redirect behavior. In an agent/runtime context, this can enable SSRF-style access to internal services or unintended network interaction, and the skill description does not clearly communicate this network-fetch capability beyond the raw --url argument.

VirusTotal

VirusTotal findings are pending for this skill version.
