Back to skill

Security audit

Phoenix Shield

Security checks across malware telemetry and agentic risk

Overview

Phoenix Shield appears to be a legitimate backup and rollback skill, but it encourages broad production system changes and automatic recovery actions that need careful review before use.

Install only if you intend to use it as a supervised production administration tool. Review every command passed through deploy, update, pre-hook, or post-hook options; test in staging first; avoid unattended auto-rollback until validated; limit target hosts and privileges; and protect backups because they may contain secrets and sensitive operational data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill documents rollback and restore operations that can revert packages, configurations, or the full system state, but it does not prominently warn that these actions may cause data loss, overwrite newer state, or interrupt live services. In an agent-assisted context, omission of such warnings increases the chance that a user or automation invokes disruptive recovery steps without understanding operational consequences.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The examples show deployment and package upgrade commands such as `apt upgrade` and scripted deploy flows without clearly warning that they perform privileged, system-changing operations. In a skill meant for automation, this can normalize direct execution of impactful commands and increase the risk of unreviewed changes, outages, or accidental modification of production systems.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.