better-skill-audit (deprecated)

Security checks across malware telemetry and agentic risk

Overview

The skill appears aimed at auditing and fixing issues, but its instructions conflict about when it may write or edit files.

Review this skill carefully before installing. Use it in read-only audit mode unless you explicitly want it to create reports, backups, or file edits, and only run any fix mode on a scoped workspace with version control or separate backups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

High
Confidence: 97%
Finding
The skill's safety model is internally contradictory: it states a red-line of 'no write operations' during audit, yet elsewhere mandates writing audit reports and allows file modification in fix mode. This ambiguity can cause an agent to perform filesystem writes when the user expected read-only behavior, undermining least-privilege and increasing the chance of unintended file changes.

Intent-Code Divergence

High
Confidence: 99%
Finding
In the fix workflow, the document instructs the agent to create backups and edit files, then immediately restates a red-line of 'do not execute any write operations.' This creates a direct policy conflict that an autonomous agent may resolve inconsistently, leading either to unsafe writes or unreliable behavior around destructive operations.

VirusTotal

63/63 vendors flagged this skill as clean.
