Security audit

Teamgram Client E2E Flow

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill does not run code, but it includes instructions to bypass enterprise feature locks, so it needs human review before installation.

Install only if you are comfortable with a documentation skill that includes enterprise-check bypass guidance. Treat that section as sensitive and use it only in an authorized development or audit context; prefer legitimate licensing, configuration, or vendor-supported enablement paths for enterprise-gated features.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Intent-Code Divergence

High

Confidence: 99% confidence
Finding: The skill explicitly instructs readers to 'modify' business-service logic to remove or bypass `checkEnterprise()` enforcement. Even though this is framed as documentation, it provides actionable guidance for defeating license or access controls, which can enable unauthorized feature unlocking and policy circumvention.

Description-Behavior Mismatch

High

Confidence: 98% confidence
Finding: The manifest presents the skill as documentation-only architecture reference material, but the content goes beyond description and gives concrete instructions for bypassing enterprise restrictions. This mismatch increases risk because reviewers or downstream systems may treat the skill as low-risk reference content while it actually contains operational abuse guidance.

Natural-Language Policy Violations

High

Confidence: 99% confidence
Finding: The text directly tells the reader how to remove or bypass enterprise-edition access checks by changing helper logic and eliminating `checkEnterprise()` calls. That is effectively a recipe for tampering with authorization or licensing controls, which can facilitate unauthorized use of restricted functionality.

Ssd 4

Medium

Confidence: 97% confidence
Finding: The documentation cumulatively steers the reader toward unauthorized feature unlocking by identifying the blocking condition and then prescribing code changes to remove it. In context, this is more dangerous because the skill claims to be harmless documentation, which can mask that it is actually providing abuse-enabling implementation guidance.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal