Back to skill

Security audit

Memory Bench Designer

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent memory-benchmark helper, but it will create local config/result files and run a disclosed external benchmark command.

Install/use this only if you trust the separate `memory-bench` CLI installed in your environment. Run it from a workspace where generated scenario, weights, and results files are acceptable, check for existing filenames first, and review the generated YAML before approving the benchmark run and model download.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs the agent to write `scenario-<name>.yaml` and `weights-<name>.yaml` into the user's current working directory without first requiring clear consent or warning that local files will be created/overwritten. Even though file generation is core to the benchmark workflow, writing into CWD can unexpectedly modify a repo or workspace, create collisions, or leak user-provided content into tracked files.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to execute a Bash command (`memory-bench run ...`) that both runs local code and writes artifacts under `results/<name>/` without an explicit user warning or approval gate. In this context, command execution is more sensitive than simple text generation because it can consume resources, trigger dependency/model downloads, fail unpredictably based on the local environment, and modify the filesystem.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.