Auto Llm 1644 1db0d0

Security checks across malware telemetry and agentic risk

Overview

This is a simple markdown-only learning skill with no executable code or sensitive access; its main caveat is a broad trigger phrase that could activate unintentionally.

Install only if you are comfortable with a topic helper that may activate on broad related phrases. Prefer explicit invocation if accidental activation would be disruptive.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger condition includes very generic phrases such as "用户说'洛曦'" and "用户需要auto_llm_1644相关帮助," which can activate the skill outside a clearly scoped intent. Overly broad activation increases the chance of unintended invocation, context hijacking, or routing a user into this skill when they were asking for something else.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal