Security audit

Go Get Uncle Matt's HAMMERRR

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only project audit skill with no artifact-backed evidence of hidden data access, persistence, or harmful behavior.

Install this when you want an agent to perform a broad read-only audit of a repository. Set the audit root and output path clearly, review any command that could write files or touch external systems, and note that quick_validate.py currently fails because it checks for a removed skill-card.md file.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 98% confidence
Finding: This is a mismatch because the declared purpose describes a substantive audit skill for evaluating project claims against runtime behavior, configuration, deployment reality, tests, installation, packaging, upgrade, and release paths. The actual code does not audit any external project or claims at all; it only validates that the skill's own package files contain required content and policy text. There is no runtime inspection, deployment checking, executable proof gathering, or project-truth analysis. The script's primary purpose is package self-validation, which differs materially from the declared audit function.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal