Back to skill

Security audit

Monitoring Aiops

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed monitoring-operations tool with expected credential use and guarded write actions, though users should handle the master password carefully.

Install only if you intend to let an agent operate SolarWinds Orion or PRTG. Use least-privilege monitoring accounts, enable SSL verification in production, prefer an interactive prompt or a secret manager over a long-lived exported MONITORING_AIOPS_MASTER_PASSWORD, and review high-risk actions such as unmanage_node and remove_node before approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guide recommends placing the master password in an environment variable for unattended use but does not warn that environment variables can be exposed through process listings, child-process inheritance, shell history, CI job logs, crash reports, or misconfigured observability tooling. Because this password unlocks the encrypted credential store for monitoring targets, compromise of the variable can expose Orion credentials or PRTG API tokens and enable unauthorized monitoring actions, including governed writes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.