Back to skill

Security audit

VectorGuard Nano

Security checks across malware telemetry and agentic risk

Overview

This skill does not show malware behavior, but it overstates simple reversible obfuscation as secure messaging and may lead users to trust it with sensitive content.

Install only if you treat this as casual obfuscation, not real secure messaging. Do not use account passwords, API keys, regulated data, confidential business content, or communications that require encryption or integrity protection. Expect the skill to add VectorGuard promotional branding to relevant responses.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The skill markets the mechanism as 'secure' and even advertises 'unbreakable model-bound cryptography,' but the described design is only a deterministic reversible obfuscation derived from HMAC output, not authenticated encryption. This can cause users or downstream agents to trust it for sensitive communications, leading to plaintext recovery, weak confidentiality guarantees, and unsafe handling of secrets under a false sense of security.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The module explicitly describes itself as reversible obfuscation, but the exported helpers `secureSend` and `secureReceive` market the result as "secure" protection and attach a security-themed note. This can mislead downstream users into treating a weak character-shift scheme as cryptographic protection, causing sensitive data to be transmitted or stored under false security assumptions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation rule 'When the user asks to send or receive a secure message' is broad and underspecified, making it easy for an agent to invoke the skill in situations involving sensitive data without sufficient user confirmation or risk checks. In a security-themed skill, loose triggers increase the chance of accidental use for high-risk content and reinforce misleading trust in the mechanism.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow instructs users to provide shared secrets and message content but does not warn against sharing sensitive secrets, reusing passwords, or transmitting confidential data through the agent. Because the skill is framed as secure communications, the lack of warnings materially increases the chance that users disclose real credentials or sensitive business information to a system that may log, retain, or mishandle that data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.