Security audit

Operational Framework

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform the local snapshot/restore behavior it discloses; the one caveat is overwrite risk, not evidence of deception or malware.

Before installing or using restore commands, confirm exactly which files will be overwritten, prefer a version-control diff or backup first, and avoid running restores in workspaces with uncommitted changes unless you intend to replace them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The restore workflow copies snapshot contents back into the workspace with no warning about overwrite behavior, conflict handling, or path validation. An agent following these instructions could unintentionally replace newer files, reintroduce unsafe state, or destroy work in progress, especially because the framework is positioned for routine use across many changes.

VirusTotal

59/59 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.