AURA

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only personality configuration skill that narrowly creates, reads, or removes a workspace AURA.yaml file and does not show hidden code, credential access, or data exfiltration.

Install this if you want persistent personality settings for a workspace. Review the AURA.yaml contents before relying on them, be cautious with high autonomy values, and only add the AGENTS.md startup-loading rule in workspaces you trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence: 94%
Finding
The skill instructs the agent to create or update `AURA.yaml` in the workspace as part of normal operation, but it does not explicitly warn the user that a local file will be written. This can cause unintended modification of user files or repositories, especially when invoked conversationally, even though the file content is configuration rather than code execution.

Missing User Warnings

Low
Confidence: 96%
Finding
The reset command directs the agent to remove `AURA.yaml` without an explicit warning that a workspace file will be deleted. Even though the target file is narrow and expected, silent deletion is risky because users may not realize a destructive local action will occur or may have manually edited the file.

VirusTotal

61/61 vendors flagged this skill as clean.
