Shadow AI Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local dashboard generator, but users should handle its employee-monitoring reports and optional external delivery carefully.

Install only if you are authorized to analyze employee AI-tool usage. Treat generated reports as sensitive, store them in approved locations, avoid the CDN-backed dashboard in strict offline environments, and do not monitor workplace communications or send metrics to WhatsApp without legal, HR, privacy, and security approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The documentation states there are 'No External API Calls,' but the dashboard technology section explicitly says Chart.js is loaded from the jsDelivr CDN. That creates a network dependency and a supply-chain exposure surface, and it can mislead users operating under strict privacy or offline assumptions.

Context-Inappropriate Capability

Medium
Confidence: 86%
Finding
The weekly report example adds WhatsApp delivery even though the skill is described as a local dashboard/report generator. Sending metrics through a third-party messaging channel can leak compliance and employee-risk information outside the intended local processing boundary.

Missing User Warnings

Medium
Confidence: 88%
Finding
The workflow advises monitoring Slack/Teams/Email for AI tool mentions and logging them to JSON, but it omits consent, minimization, legal review, retention, and employee-notice safeguards. In a monitoring/compliance context, this omission materially increases privacy, labor, and regulatory risk.

Ssd 3

Medium
Confidence: 91%
Finding
The documentation proposes collecting employees' AI-tool mentions from workplace communications and logging them into a dataset. That is a concrete surveillance/data-collection pattern involving potentially sensitive employee and message metadata, and it can expose private communications if implemented without strict governance.

VirusTotal

65/65 vendors flagged this skill as clean.
