Spark Store Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Linux software-store helper, but it can run sudo package commands so users should confirm each action carefully.

Install this only if you want the agent to help manage Linux software. Before approving any install, removal, or update, ask it to show the exact aptss or apm command, package name, source, sudo requirement, and expected system impact.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger conditions are broad, including common actions like searching, installing, updating software, and mentions of generic command names. In an agent setting, this can cause the skill to activate unexpectedly and steer users into package-management workflows they did not explicitly intend, increasing the chance of unintended high-impact actions.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill performs privileged install, remove, and upgrade operations, but the document does not define a consistent, explicit user-consent and risk-warning model before these actions occur. Because these operations can modify system state broadly and require root privileges, insufficient warning and confirmation materially raises the risk of accidental or unsafe execution.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal