Back to skill

Security audit

Alibabacloud Migration Sdm Sql Trans

Security checks across malware telemetry and agentic risk

Overview

This is a content-only SQL translation skill with minor instruction ambiguities, but no evidence of hidden tools, credential access, exfiltration, or persistence.

Install only if you want rule-based SQL conversion assistance and are comfortable reviewing the output before use. Do not execute converted DDL/DML directly in production, and treat unsupported engine pairs as manual work until the missing reference files are added.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
L077 states that unimplemented language pairs must be rejected and speculative conversion results must never be output. But L127 directs the agent, after failed iterations, to fall back to the original SQL, re-transform minimally, annotate manual review, and output it; this conflicts with the earlier hard prohibition when no implemented rules exist for that pair.

Intent-Code Divergence

Low
Confidence
83% confidence
Finding
L006 says this is a pure content-generation skill that does not invoke external tools, and L019 similarly says it does not depend on external MCP tools or CLI. However, later instructions describe runtime loading of `references/<src>_to_<dst>.md` files (L071, L104) and possible file writes such as `outputs/refusal_notice.md` (L064), which contradict the earlier no-tools/no-side-effects characterization at the documentation level.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.