Security audit

technical writing

Security checks across malware telemetry and agentic risk

Overview

This is a coherent technical-writing skill with documentation templates, though users should edit a few risky example commands before copying them into real projects.

Install only if you are comfortable reviewing generated documentation before reuse. Replace the curl-to-shell installer with pinned, verified installation instructions, and treat runbook commands that restart services, change deployments, or alter production state as placeholders requiring explicit approval, impact checks, validation, and rollback planning.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The remediation section includes live-production actions such as restarting services, scaling deployments, failing over, and enabling maintenance mode without an explicit warning that these commands change system state and may cause downtime or secondary impact. In a runbook template, operators may copy these steps directly during an incident, increasing the risk of accidental disruption if preconditions, approvals, and verification steps are not called out.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The rollback section contains commands that alter the live deployment state, including undoing rollouts and setting a specific image, but does not warn that rollback itself is a production change with potential side effects such as schema/version mismatch or service interruption. During incident response, this omission can lead to unsafe rollback decisions being executed quickly without confirming compatibility or impact.

External Script Fetching

High
Category
Supply Chain
Content
brew install my-cli

# Binary
curl -fsSL https://get.my-cli.dev | sh
```

## Quick Start
Confidence
98% confidence
Finding
curl -fsSL https://get.my-cli.dev | sh

Chaining Abuse

High
Category
Tool Misuse
Content
brew install my-cli

# Binary
curl -fsSL https://get.my-cli.dev | sh
```

## Quick Start
Confidence
97% confidence
Finding
| sh

VirusTotal

64/64 vendors flagged this skill as clean.
