Back to skill

Security audit

SwarmRecall Learnings

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned, but it can automatically send and persist detailed command failures to a third-party service, which may expose sensitive information.

Install only if you are comfortable with SwarmRecall receiving and storing agent learning records. Avoid sending raw command output from sensitive repositories or terminals, confirm what will be logged before upload, and be cautious with shared pools and automatic pattern promotion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs the agent to automatically call remote endpoints on session start, which creates outbound network activity and data access without an explicit per-session user-facing notice or opt-in in that behavior flow. Even if authentication is required, this can violate user expectations, leak metadata about usage, and normalize silent background communication to a third-party service.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill explicitly directs the agent to send failed command output and detailed error content to an external service, and such outputs commonly contain secrets, tokens, file paths, environment values, personal data, or proprietary source snippets. Although the document mentions consent for user-provided content, the behavior instruction is broad and default-oriented, making accidental sensitive-data exfiltration to a third party a realistic risk.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.