Agent Engineering

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only agent design guide with disclosed operational patterns and no hidden code or install behavior.

Safe to install as a methodology skill. Before using its templates to build real agents, keep autonomy low at first, require approval for external or destructive actions, avoid storing secrets in memory, scope any cron jobs and external channels tightly, and make sure persistent agents have monitoring and a shutdown path.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill exposes broad natural-language trigger phrases such as "Design a new agent for [purpose]" and similar commands without any explicit activation boundary, confirmation step, or namespace. In environments where skills may be selected from conversational text, this can cause unintended invocation and execution of powerful agent-engineering workflows from ordinary user phrasing.

Vague Triggers

Medium

Confidence: 96% confidence
Finding: This section lists many open-ended natural-language commands that can map directly to operational actions like building agents, creating cron jobs, scaling teams, and setting safety rails. Because the skill is specifically about designing and operating autonomous agents, accidental or prompt-injected activation is more dangerous than in a passive documentation skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal