Weekly Report Flow

Security checks across malware telemetry and agentic risk

Overview

This skill has a clear business-reporting purpose, but it can read internal DevOps data and submit reports to EMOP without built-in confirmation or tight bounds.

Install only if you trust the DevOps and EMOP environments involved. Before running it, ask the agent to show the exact report payload, confirm each submission, set a clear backfill date range, avoid browser-session fallback unless explicitly approved, and inspect the referenced local scripts before allowing them to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly instructs posting workitem-derived content to an external EMOP endpoint using an authentication token, but provides no requirement for user confirmation, data minimization, or warning that internal project data will leave the source system. Because the workflow automates collection, summarization, and transmission of potentially sensitive DevOps data, it creates a real risk of unintended exfiltration to a third-party or separate system.

VirusTotal

64/64 vendors flagged this skill as clean.
