Back to skill

Security audit

Phy Api Changelog Gen

Security checks across malware telemetry and agentic risk

Overview

This is a local OpenAPI changelog helper with broad trigger wording, but no evidence of hidden access, network use, persistence, or destructive behavior.

Install this if you want an agent to inspect local OpenAPI/Swagger specs or named git revisions. Prefer invoking it with explicit file paths or the /api-changelog command, and review generated changelogs before publishing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The top-level description advertises broad trigger phrases such as 'what changed in the API' and 'breaking changes' without tight scope constraints. In an agent environment, overly generic triggers can cause the skill to activate during ordinary developer conversation and process files or repo history unexpectedly, increasing the chance of unintended tool use and data exposure from local materials.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrase section contains several ambiguous phrases like 'breaking changes', 'removed fields', and 'which endpoints changed' that are likely to appear in normal engineering discussion. In a tool-enabled agent, this can lead to accidental invocation, causing unintended parsing of local specs or git revisions and potentially surfacing sensitive API details into the chat context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.