Back to skill

Security audit

Dns Records

Security checks across malware telemetry and agentic risk

Overview

This is a simple DNS lookup helper with expected outbound DNS behavior and no evidence of hidden access, persistence, credential use, or destructive actions.

Install only if you are comfortable with the agent making DNS queries for domains you provide. Use the documented record types, avoid passing arbitrary dig options as record types or domains, and remember that DNS lookups may be visible to your configured resolver or network operator.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Unvalidated Output Injection

High
Category
Output Handling
Content
def dig(domain, rtype="A"):
    """Use system dig if available, fall back to socket."""
    try:
        out = subprocess.run(
            ["dig", "+short", "+timeout=5", rtype, domain],
            capture_output=True, text=True, timeout=10
        )
Confidence
89% confidence
Finding
subprocess.run( ["dig", "+short", "+timeout=5", rtype, domain], capture_output

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.