Fortisase Audit

Security checks across malware telemetry and agentic risk

Overview

This is a mostly read-only FortiSASE audit guide, but it needs review because it normalizes handling high-value FortiCloud and device credentials without enough guardrails.

Install only for authorized FortiSASE audits. Prefer scoped read-only API tokens or approved service principals, avoid entering personal FortiCloud passwords into agent workflows, do not bypass MFA except through formally approved machine-to-machine access, and treat reports and collected endpoint/logging data as sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill includes a username/password OAuth flow and later discusses API-specific accounts without warning about credential handling, secret exposure, or the security implications of using accounts that may weaken MFA protections. In a security-audit skill, normalizing direct credential entry and service-account patterns without guardrails can lead operators to use overly privileged or less protected credentials, increasing the chance of account compromise.

Missing User Warnings

Medium
Confidence: 84%
Finding
The skill instructs retrieval of endpoint compliance, ZTNA tag assignments, group inventory, and later logging data, all of which may contain user/device telemetry and sensitive operational metadata, but it provides no privacy or data-handling warning. This can cause unnecessary collection, overexposure, or insecure downstream sharing of employee and device information during an audit.

VirusTotal

64/64 vendors flagged this skill as clean.
