Back to skill

Security audit

Debug Probe

Security checks across malware telemetry and agentic risk

Overview

This debugging skill is legitimate in purpose, but it needs review because it can add temporary logging and dump hooks that may expose sensitive runtime data if used carelessly.

Install only if you are comfortable with an agent adding temporary debugging code. Prefer project-level installation on a clean branch, require explicit approval before instrumentation or deployment, avoid logging secrets or personal data, review and sanitize exported logs before sharing, and verify all DIAG-marked code and dump hooks are removed after debugging.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README instructs users to insert instrumentation and export logs but does not warn against collecting secrets, tokens, personal data, or full object dumps. In a debugging context, this omission is meaningful because ad hoc logging frequently captures sensitive runtime state, and exported logs may then be stored, shared, or pasted into external systems.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill advertises very broad trigger terms such as 'debug', 'bug', 'not working', and 'investigate' without meaningful scope constraints, making accidental invocation likely across many unrelated contexts. Because the skill then instructs adding runtime instrumentation and exporting logs, overbroad activation increases the chance it is applied in sensitive systems or workflows where diagnostic logging could expose confidential data or alter production behavior.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly tells the agent to insert diagnostic logging, buffer logs in memory, and have users export the collected logs, but it provides no warning or controls for secrets, personal data, tokens, credentials, or other sensitive runtime state that may be captured. In a debugging context, runtime values are often the most sensitive data in the system, so encouraging collection and export without minimization, redaction, or consent materially increases the risk of data leakage.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The templates encourage diagnostic logging of application state and user-related values such as `userId` and `tokenExp`, and they print logs to console or buffered dumps without any guidance to avoid secrets, redact sensitive fields, or restrict use to non-production environments. In practice, developers often expand such patterns to include tokens, session data, PII, or internal state, creating a meaningful risk of information exposure through logs and debug dumps.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The Go template explicitly suggests exposing `Dump()` and `Clear()` via an HTTP endpoint, which can directly leak the in-memory diagnostic buffer over the network if implemented without strong authentication and environment restrictions. Because the buffer is designed to hold recent diagnostic lines that may contain internal state or user-associated data, this guidance materially increases the chance of remote information disclosure.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.