Failure Registry

Security checks across malware telemetry and agentic risk

Overview

This is a coherent failure-registry search skill, but it includes actionable advice for bot-detection evasion and raw social-media session cookie reuse that users should review before installing.

Install only if you will treat registry results as untrusted historical notes. Do not let an agent automatically apply suggestions involving stealth automation, platform bot-detection bypass, public posting/liking/replying, or raw session cookies without explicit user approval, terms review, and safer credential handling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
YARA SignaturesMalware Match, Webshell Match, Cryptominer Match
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The prevention guidance gives broadly reusable advice for stealth browser automation on platforms that detect bots, including recommending stealth tooling and standard anti-detection flags as default practice. Even though presented as a post-mortem, this operationalizes evasion techniques that can be repurposed to bypass platform safeguards and abuse web services.

Ssd 2

High

Confidence: 98% confidence
Finding: The file explicitly recommends switching to puppeteer-extra with StealthPlugin and using AutomationControlled-disabling flags to patch automation fingerprints such as navigator.webdriver and chrome.runtime. This is actionable guidance for evading platform bot detection, which materially increases the ability of users to circumvent service protections and conduct unauthorized automation at scale.

YARA rule 'info_stealer': Information stealer patterns (credential harvesting, browser data theft) [malware]

High

Category: YARA Match
Content: detection: "Human noticed no new tweets were posted. Silent failure — no monitoring caught it." fix: > Request fresh cookies from human operator. Update auth_token and ct0 in environment/config. prevention:
Confidence: 86% confidence
Finding: cookies from human opera

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal