Back to skill

Security audit

Swarm Layer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed workflow-orchestration guide with expected local reporting, optional Obsidian mirroring, and opt-in automation controls.

Install only if you want project workflow automation that can dispatch agent tasks and maintain local state. Before enabling ACP autopilot or watcher mode, use dry-run/status first and confirm you know how to pause or stop it. Avoid configuring Obsidian sync or report generation against sensitive projects unless the destination is trusted and access-controlled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill repeatedly advertises automatic report generation and optional Obsidian mirroring, but it does not foreground that normal operation writes workflow data, logs, specs, and summaries to disk and may mirror them into an external note vault. In a security-sensitive agent context, implicit persistence can leak sensitive prompts, project metadata, task outputs, and operator notes to locations the user did not consciously approve.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The autopilot and watcher-mode documentation encourages background progression of workflows through start/resume/tick flows, but it does not clearly warn that these modes can continue dispatching tasks and mutating workflow state without continuous operator action. In an orchestration skill that can run tasks, retry failures, and advance sessions, this creates a real risk of unintended background execution, state changes, and additional artifact generation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.