Back to skill

Security audit

Business Data Analyst Skill

Security checks across malware telemetry and agentic risk

Overview

The skill shows a low-risk scope issue around suggested web searching, but no evidence of malware, hidden persistence, credential theft, destructive behavior, or automatic data exfiltration.

Installers should know this skill may cause the agent to use web search or outside sources during analysis. Avoid giving it confidential internal business details unless you are comfortable with the agent deciding what context is safe to use in searches, and verify important business conclusions against authoritative sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
86% confidence
Finding
The prompt hint explicitly instructs use of external search tools to gather outside information, which meaningfully changes the skill from internal business analysis into external data collection. In an agent setting, that can trigger unintended browsing or data-sharing behavior not reflected in the declared skill scope, increasing the risk of unauthorized outbound access and policy bypass through routing alone.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.