Firm Security Audit

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate security-audit skill, but it can automatically send full critical audit results to Slack without clear approval or redaction controls.

Review this skill before installing. Use a least-privilege Slack app limited to the intended channel, require manual approval before sending audit results externally, redact secrets, hostnames, internal paths, and exploit details, and treat remediation snippets as reviewable changes with backups and rollback plans. Also verify the required MCP extension before granting it access to deployment files or Slack.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs automatic transmission of CRITICAL audit results to Slack, which can expose sensitive security findings, configuration details, paths, or incident context to an external service without an explicit warning, sanitization step, or consent gate. In a security-audit context, this increases the chance of unintended data disclosure because audit outputs often contain high-value operational details.

VirusTotal

66/66 vendors flagged this skill as clean.
