Back to skill

Security audit

Transportation Digital Ai Expert Standard International

Security checks across malware telemetry and agentic risk

Overview

This is a large transportation advisory knowledge skill with no executable payload; the main issues are overbroad activation and some high-risk examples needing stronger privacy and safety cautions.

Install only if you want a broad transportation digital-transformation reference. Treat its outputs as drafting and analysis support, not operational approval: review any recommendations involving ANPR, biometrics, watchlists, telemetry, passenger profiling, external data sharing, V2X control, OTA, or remote driving with legal, privacy, cybersecurity, and functional-safety owners before use. Consider narrowing triggers and removing the mandatory author footer if your agent supports local skill customization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (47)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The README states the skill can be triggered by broadly phrased natural-language requests and 'automatically match' user needs, without a clearly bounded invocation scope. In an agent skill system, this can cause unintentional activation on ordinary transport-related conversations, leading the skill to inject large amounts of guidance or override more appropriate agent behavior.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger index claims that any mention of a very large set of generic transport, architecture, security, and tooling terms will route to this skill. That creates excessive activation scope and can hijack unrelated conversations, causing the agent to apply this skill's strong instructions and boilerplate in contexts where it was not requested.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The top-level description markets the skill as an all-in-one, world-class advisory system across an unusually broad set of domains and use cases. On its own this is mostly promotional, but in a skill-routing ecosystem it increases the chance of over-selection and misuse outside the intended transport advisory scope.

Natural-Language Policy Violations

Low
Confidence
81% confidence
Finding
The skill mandates a fixed end-of-reply paragraph in a specific format, which can override normal assistant behavior and locale adaptation. While not a severe security flaw, hardcoded output requirements increase prompt rigidity and can interfere with platform policy, summarization, or user-requested response formats.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The file explicitly defines the dataset as a 'global reference' by removing Chinese-language-only journals, which embeds a language/locale exclusion without user choice or a compliance-based justification. In an advisory skill, this can systematically bias recommendations, suppress relevant sources for multilingual or regional users, and produce discriminatory or incomplete outputs presented as authoritative.

Natural-Language Policy Violations

Medium
Confidence
98% confidence
Finding
This line directly states that Chinese-language journals are intentionally excluded to maintain a 'global' reference, equating global relevance with English/international venues. That creates a biased policy layer in the skill's knowledge base, which may lead users to overlook credible regional scholarship and can skew downstream recommendations or analyses.

Natural-Language Policy Violations

Medium
Confidence
97% confidence
Finding
The data note reiterates that country-specific non-English journals are out of scope, reinforcing a persistent language-based exclusion across the file. Because this is a reference dataset for professional decision support, the repeated policy increases the chance that biased scope limitations will be treated as neutral fact and propagated into procurement, research, or policy advice.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document explicitly promotes large-scale fusion of ANPR, enforcement, GPS, ride-hail, fleet tracking, and trajectory playback data without any discussion of privacy controls, legal basis, retention limits, access restrictions, or transparency to affected users. In a transportation operations context, this creates real risk of surveillance overreach, unauthorized profiling, and misuse of sensitive location data across agencies.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The case study describes dense roadway sensing, plate/vehicle recognition, trajectory-level simulation, AI incident detection, and API-based sharing of incident data, but provides no privacy, retention, minimization, consent, or governance safeguards. In a transport advisory skill, this can normalize surveillance-heavy architectures without warning users about legal, civil-liberties, and data-protection risks, increasing the chance that downstream adopters implement invasive systems unsafely.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The public reporting widget explicitly collects user-submitted photos and location data, but the case text does not mention any privacy notice, consent flow, retention limits, or access controls. In a public-sector transportation context, geotagged reports and images can reveal sensitive personal or property information, creating privacy, compliance, and misuse risks if the feature is implemented as described.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The case study describes broad ingestion and sharing of booking data, passenger flow, IoT, and related operational data, but provides no mention of consent, minimization, retention, lawful basis, or safeguards. In a transportation hub context, this normalizes large-scale surveillance and cross-operator data sharing, which can lead implementers to reproduce privacy-invasive designs without adequate controls.

Missing User Warnings

High
Confidence
97% confidence
Finding
The document presents face recognition, abnormal behavior detection, watchlists, and dense video analytics as standard safety features without any warning about privacy, civil-liberties, bias, or legal constraints. Because this is a reference skill for technical professionals, omission of guardrails makes the content more dangerous by encouraging deployment of highly intrusive surveillance capabilities as best practice.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill describes personalized commercial recommendations based on passenger profiles and behavior, but does not mention transparency, consent, opt-out, or limits on profiling. In a mass-transit setting, combining mobility behavior with commercial targeting can create significant privacy risks and secondary-use concerns, especially when users may have little practical ability to avoid tracking.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The playbook explicitly includes privacy/security-restricted data in its data-readiness assessment, but only frames it as an availability constraint ('masking manageable' or 'unusable') rather than requiring legal, privacy, and governance review before use. In a transportation AI context, shortlisted scenarios may involve license plates, video feeds, driver behavior, passenger flow, or cross-department data sharing, so omission of mandatory compliance review can lead teams to proceed with sensitive-data use without proper authorization, minimization, retention controls, or DPIA-like assessment.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The playbook includes named contacts plus phone-number placeholders in operational data inventory examples, which normalizes recording personal contact details inside broadly shared governance artifacts. In a transport-security context, even illustrative inclusion of identifiable staff/vendor contacts can encourage unnecessary collection and wider dissemination of personal data, increasing privacy and social-engineering risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The playbook explicitly recommends collecting app telemetry, warning feedback, and operational logs from test drivers and users in real time and over time, but it does not mention notice, consent, data minimization, retention limits, access controls, or lawful basis. In a transportation pilot, such telemetry can reveal driver behavior, movement patterns, and potentially identifiable usage data, creating privacy and compliance risk if collected or shared without appropriate safeguards.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document describes high-volume perception sharing, remote monitoring, OTA distribution, and digital-twin synchronization at city scale without any adjacent privacy, data-minimization, retention, or consent guidance. In a transport advisory skill, this can normalize broad collection and sharing of potentially identifying vehicle, location, and sensor data, increasing the chance that downstream users design deployments that violate privacy expectations or regulatory obligations.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The whitepaper presents remote driving and active control as standard capabilities and includes aggressive latency/reliability targets, but does not pair them with strong safety, authorization, fail-safe, or operator-supervision warnings. In this context, omission is dangerous because implementers may treat remote driving/control as a deployable feature rather than a safety-critical function requiring strict integrity protections, regulatory approval, and fallback behavior.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The template explicitly plans processing of sensitive transportation data, including vehicle trajectories, license plates, and face/pedestrian imagery, but frames this mainly as internal governance and compliance rather than requiring a user-facing privacy notice, lawful basis, retention limits, or data-minimization controls. In a transportation platform skill, this is more dangerous because it provides a reusable blueprint for large-scale operational surveillance and may normalize collection of highly sensitive personal data without adequate transparency to affected individuals.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The template includes AI incident detection, ANPR/plate recognition, and face or pedestrian image handling as standard platform capabilities, but does not prominently warn about surveillance risk, biometric sensitivity, false positives, or legal restrictions on such processing. In this skill context, that omission is more dangerous because the document is positioned as an implementation-ready proposal, increasing the chance that organizations deploy intrusive monitoring features by default without proper governance, transparency, or human oversight.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The template explicitly defines flows that send OBU/RSU/MEC status, logs, vehicle telemetry, and perception data to cloud systems, but it provides no corresponding privacy notice, data-minimization guidance, retention limits, consent model, or legal/compliance guardrails. In a V2X deployment, these data streams can reveal persistent location traces, driver behavior, and sensitive operational patterns, so omission of privacy handling guidance can lead to large-scale surveillance exposure or noncompliant deployments.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The template includes OTA management, remote configuration, monitoring, backup/restore, and certificate lifecycle functions for RSUs, OBUs, MEC, and cloud components, but it does not warn that these are high-trust control paths requiring strict integrity protections and operational safeguards. If implemented naively, these features could enable unauthorized updates, rollback to unsafe states, certificate abuse, or service disruption across safety-relevant transportation infrastructure.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
This section specifies corridor-wide sensing, ANPR, trajectory tracking, anomaly detection, and vehicle identification at high accuracy, but provides no privacy, retention, access-control, minimization, or legal-basis guidance. In a real-world deployment, this omission can normalize over-collection and broad secondary use of personally identifiable movement data, increasing the risk of surveillance abuse, unauthorized access, and noncompliance with privacy laws.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The free-flow tolling design combines ETC, ANPR, AI path reconstruction, evasion analysis, and exception handling for charging and enforcement, yet omits any warning or control language around automated decision-making and enforcement data use. That creates risk of wrongful charges, opaque profiling, excessive retention, and use of tolling data for broader surveillance or enforcement beyond the stated purpose.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This section explicitly plans external data sharing with toll authorities, transport centers, police, meteorological services, and map/navigation providers via APIs or message queues, but includes no constraints on what is shared, under what authority, or with what protections. In the context of a smart-highway system that already collects location, incident, and vehicle-linked data, unrestricted external sharing significantly increases privacy, misuse, and breach exposure across multiple organizations.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.