Back to skill

Security audit

Agent Identity Kit

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its stated identity-card purpose, but its validator can automatically run unpinned external package tools and has unsafe fallback path handling that users should review before installing.

Install only if you are comfortable reviewing the shell scripts first. Prefer installing ajv-cli or jsonschema yourself in an isolated environment, avoid validating files with untrusted or unusual path names, and do not run init.sh on a path containing important existing data unless you intend to replace it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The script advertises itself as a validator, but its Python fallback will install the jsonschema package with pip if it is missing. That creates an unexpected networked side effect and executes package-installation logic in a context where a user may expect read-only validation, which can violate least surprise and introduce supply-chain risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.