Database Helper 99a323

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable markdown skill with overly broad activation wording, but it does not request sensitive access or perform actions on the user's system.

Install only if you specifically want a lightweight informational helper for the named database/Sun-Panel topics. Be aware that the broad "Sun" trigger could activate in unrelated conversations, so prefer disabling or narrowing that trigger if your agent supports trigger configuration.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 95% confidence
Finding: The trigger field includes very broad terms like "Sun" and a vague phrase fragment, which can cause the skill to activate during ordinary conversation unrelated to the intended tool. In an agent environment, unintended invocation can override user intent, inject irrelevant guidance, or route the conversation into behaviors the user did not request.

Vague Triggers

High

Confidence: 94% confidence
Finding: The activation scenarios are underspecified and include generic conditions like the user saying "Sun" or needing "database-helper" help, which are too ambiguous for safe routing. This increases the chance of accidental activation and context hijacking, especially because the skill content is loosely assembled from unrelated video sources rather than a narrowly scoped tool definition.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal