多模型路由器

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only model-selection guide with no executable install steps, but users should be mindful of cost and privacy if they implement routing across multiple AI providers.

Before installing, treat this as a routing guide rather than a ready-made secure router. If you implement it with real APIs, make parallel routing opt-in, avoid sending sensitive prompts to multiple providers unnecessarily, and monitor token costs and provider logging policies.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The activation phrases are generic enough that the skill may trigger in unintended contexts, causing the router behavior to override or interfere with unrelated user requests. In a model-selection skill, accidental invocation can change which model is used, affecting cost, data flow, and response quality without explicit user intent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal