Smart Summarizer

Security checks across malware telemetry and agentic risk

Overview

This is a simple summarization skill that processes user-provided content and does not include code, install hooks, credential access, persistence, or hidden behavior.

Install this as a general summarization helper. Be mindful that any pasted emails, meeting notes, documents, URLs, or transcripts may be processed by your agent, so avoid providing secrets, credentials, or confidential material unless that is intentional and acceptable.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The skill advertises extremely broad capabilities like summarizing 'any content' and being usable for many common source types, which can cause over-invocation on routine user requests that are not specifically asking for this skill. In an agent environment, overly generic triggering increases the chance the skill is selected inappropriately, causing unintended data handling, privacy exposure, or workflow interference.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal