System Health Check

Security checks across malware telemetry and agentic risk

Overview

This appears to be a diagnostic health-check skill whose filesystem reads and report/log writes fit its stated purpose, with a documentation caveat about the meaning of read-only.

Before installing, confirm you are comfortable with the skill reading system/accounting configuration state and writing local diagnostic reports or failure logs. It does not show evidence of data exfiltration, destructive remediation, or hidden persistence, but operators who require a strict no-write mode should verify whether report generation can be disabled or redirected.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The skill repeatedly claims to be read-only and to never modify data, yet it explicitly documents writing JSON health reports and failure logs to disk. This mismatch can mislead operators into granting broader trust or scheduling the skill in sensitive contexts under false assumptions about side effects.

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The core philosophy says the skill is non-destructive and never modifies data, but later sections describe persistent writes to /data/reports/system/ and /data/memory/failures/. In a security-sensitive operational skill, inaccurate claims about mutability reduce auditability and may cause unsafe deployment decisions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal