Security audit

AI Expert Team

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed expert-team orchestration guide with one bounded bootstrap step to clone reference repositories for inspection.

Before installing, be aware that if you ask the skill to inspect or initialize its source assets, it may create an assets directory and clone two external GitHub repositories. That means network access and local disk changes; review or pin those repos first if your environment requires reproducible or offline-only behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Low
Confidence: 84%
Finding
The skill includes operational instructions to clone external GitHub repositories and inspect repository state. In an agent context, this expands the trust boundary to unpinned remote content and can trigger unintended network access or local workspace changes if the user asks to initialize assets, which is risky for a skill that is otherwise framed as analysis/orchestration.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.