Canonical Data Map

Security checks across malware telemetry and agentic risk

Overview

The skill is a reference-only data map, but it defines broad persistent memory, chat, audit, and proposal workflows for sensitive accounting data without enough limits on what gets stored.

Install only if you are comfortable with this accounting system creating long-lived operational records. Before using it with real client, payroll, banking, tax, or auth data, require clear rules for memory and chat-log redaction, encryption, access control, retention/deletion, user notice, and review of any memory-feedback GitHub pull requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 90%
Finding
The document mandates broad episode, failure, and correction logging across agent actions without sufficient data-minimization rules or explicit notice boundaries. In this accounting context, those logs are likely to capture highly sensitive financial, personal, and government-interaction data, creating a secondary datastore of regulated information that may be overlooked in access control and retention handling.

Missing User Warnings

Medium
Confidence: 92%
Finding
The append-only audit design requires collection of usernames, roles, IP addresses, client details, and long-term retention, but does not include minimization guidance or transparency controls. In a regulated accounting system, excessive or undisclosed monitoring can expose sensitive personal and client data for long periods and expand breach impact if audit stores are accessed.

Ssd 3

Medium
Confidence: 94%
Finding
Storing chat sessions and active context creates a durable repository of natural-language interactions that can contain credentials, tax data, payroll details, and other confidential material. Because this is an accounting assistant environment, conversational content is especially likely to include regulated or privileged information, making indiscriminate retention risky.

Ssd 3

High
Confidence: 97%
Finding
Mandatory logging for nearly any agent decision or output creates a broad capture surface for sensitive source inputs and derived conclusions, including payroll, compliance, tax, and client communications. This effectively duplicates confidential business data into a learning/memory subsystem, increasing attack surface, compliance burden, and the chance of unauthorized reuse or disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.
