
Security audit

Attacker

Security checks across malware telemetry and agentic risk

Overview

This adversarial testing skill is transparent about its purpose and constraints, and I found no evidence of hidden installation, credential theft, exfiltration, or target modification.

Use this only on projects, systems, or ideas you are authorized to test. Invoke it explicitly for real targets, set narrow in-scope and out-of-scope boundaries, provide a budget, and exclude sensitive files or secret-bearing paths before allowing self-research or live CLI/HTTP/app probing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium, 88% confidence

Finding
This skill enables implicit invocation without any visible narrowing triggers, exclusions, or approval gates. Because the persona is explicitly adversarial and designed to attack or red-team targets, broad automatic routing increases the chance it is invoked on unintended tasks or with overly broad context, causing unauthorized probing, harmful guidance, or misuse of connected tools/workflows.

Missing User Warnings

Medium, 93% confidence

Finding
The skill explicitly instructs the agent to self-research the project repository when user-provided context is thin, which expands data access beyond what the user may have intended. In an agent setting, autonomous repo inspection can expose sensitive source, secrets, internal docs, or unrelated files and can also widen the attack surface without clear user consent or a tightly enforced boundary.

VirusTotal

64/64 vendors flagged this skill as clean.
