ML Engineering

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only ML engineering playbook with no hidden execution, credential access, or persistence.

Safe to install as a reference skill. Use human review, staging, rollback plans, and explicit approval before applying its deployment, monitoring, or retraining advice to live ML systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 90% confidence

Finding
The example commands are very generic phrases such as "Build RAG system" and "Deploy model," which are likely to collide with ordinary user requests in unrelated conversations. If the platform uses these phrases as activation triggers, the skill could activate unintentionally and inject its methodology or instructions into contexts where the user did not explicitly intend to invoke this skill.

Vague Triggers

Medium, 96% confidence

Finding
The skill exposes very broad natural-language trigger phrases such as "Deploy model" and "Select model" without any clear scoping, confirmation, or activation boundaries. In an agent setting, underspecified triggers can cause accidental invocation or prompt-routing collisions, making the agent apply this skill in unintended contexts and potentially produce unsafe operational guidance or actions.

VirusTotal

64/64 vendors flagged this skill as clean.