System Monitor Pro C48956

Security checks across malware telemetry and agentic risk

Overview

This is a simple markdown-only system-monitoring learning skill with broad trigger wording but no code, persistence, credentials, or high-impact actions.

This appears safe to install from a security standpoint, but users may want to rename or narrow the trigger phrase so it activates only when they explicitly ask for this specific system-monitoring skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger scenarios are broad and generic, including phrases like users needing related help, which can cause the skill to activate during ordinary conversation without clear user intent. In an agent environment, unintended invocation can route user requests to irrelevant or lower-quality instructions and create opportunities for prompt hijacking through accidental tool selection.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The manifest trigger includes ambiguous mixed-language terms such as 'System' and 'Monitor', which are common words likely to appear in normal conversation. This increases the chance of accidental activation and misrouting, especially in multilingual contexts where partial matches may be applied loosely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal