Checkpoint Firewall Audit

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Check Point firewall audit guide; it can expose sensitive firewall details, but I found no hidden code or unsafe automation.

Install only if you are authorized to audit the target Check Point environment. Use least-privilege read-only accounts, supervise any commands run against management servers or gateways, keep API passwords and session tokens out of prompts and logs, and review any remediation recommendations with a firewall administrator before making policy changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 79% confidence
Finding: The reference includes a login example that places a username and password directly in a command/body without any warning about secure credential handling. In practice, this can encourage operators or downstream automation to embed secrets in shell history, scripts, logs, or documentation, increasing the chance of credential exposure for the Check Point management plane.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal