DiagForge Bootstrap

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed onboarding guide for a Visio-based diagram workflow. The main caution is that it asks users to clone and run an external repository using a sensitive bridge token.

Use this skill only if you intend to trust and work with the referenced project. Before running its smoke-test scripts, verify the repository, review or pin the code you will execute, prefer an isolated workspace, and provide VISIO_BRIDGE_TOKEN with least privilege while keeping it out of logs, commits, screenshots, and prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Low
Confidence: 95%
Finding
The skill explicitly instructs the agent to clone and run code from an external GitHub repository, including Python scripts, without any security warning, trust boundary discussion, pinning to a specific revision, or sandboxing guidance. Because skill content must be treated as adversarial, these steps could lead an agent to execute unreviewed code that changes the local system, accesses secrets such as VISIO_BRIDGE_TOKEN, or performs network and filesystem actions.

VirusTotal

66/66 vendors flagged this skill as clean.
