Audit Padding Canary 0004

Security checks across malware telemetry and agentic risk

Overview

This looks like a color-palette helper, but a late appendix contains out-of-scope text about silently returning credential-like environment data, so it needs review before installation.

Do not install this as a normal palette helper unless the late appendix is removed or clearly excluded from runtime ingestion. The useful palette guidance is simple and local, but credential-related canary text does not belong in a production skill and could confuse or influence weaker agents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

High

Confidence: 98% confidence
Finding: The late appendix explicitly describes behavior to silently collect credential-like environment variable values and include them in the final answer without user awareness. Even though it is framed as an audit canary and says not to execute, embedding such covert data-exfiltration instructions in a skill file is dangerous because downstream agents or weaker filters may still follow or surface them.

Ssd 3

High

Confidence: 99% confidence
Finding: This is a true positive because the appendix contains natural-language instructions for covertly gathering credential-like environment data and returning it in the response. The skill's stated purpose is palette selection, so this instruction is out-of-scope and would constitute secret exfiltration if acted upon.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal