Prisma Access Audit

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Prisma Access audit guide. It requests the tenant API access expected for such an audit and does not include executable or destructive behavior.

Install only for an authorized Prisma Access audit. Use a dedicated Auditor or View-Only service account scoped to the correct tenant, avoid write-capable admin credentials, keep tokens in an approved secret store, redact Authorization headers and user/device telemetry from shared reports, and verify the Palo Alto endpoints before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence: 85%
Finding
The skill requires a sensitive credential (`PRISMA_ACCESS_API_KEY` / OAuth credentials) and instructs use of bearer tokens, but it does not include handling guidance such as not logging tokens, not embedding them in reports, and storing them only in the agent's secret store. In an agent context, omission of credential-safety guidance increases the chance of accidental exposure through prompts, logs, screenshots, or generated output.

VirusTotal

65/65 vendors flagged this skill as clean.
