Meta Skill Writer

Security checks across malware telemetry and agentic risk

Overview

This is a skill-writing guide with no executable code, credentials, persistence, or data access; its main risk is overly broad routing wording.

Install only if you want a Chinese guide for writing OpenClaw skills. When using it, review any generated skill description so it is specific enough to avoid accidental activation in unrelated conversations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 95% confidence
Finding: The skill explicitly instructs authors to use the exact user utterance as the description, including a very broad phrase like “帮我评估一下这个 skill”. In systems where descriptions are used for routing, this creates over-broad activation that can cause the skill to trigger in many unrelated contexts, hijacking normal requests and increasing the chance of unintended execution paths.

Vague Triggers

High

Confidence: 98% confidence
Finding: The current metadata description, “帮我写个 skill。”, is a generic everyday request with no activation constraints. If the agent uses description text to decide when to load the skill, this can cause accidental invocation for a wide range of benign conversations about skills, increasing prompt-surface exposure and interfering with more appropriate skills or base behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal