Back to skill

Security audit

Agent Context Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed AgentPMT integration for managing persistent agent context documents, with no local executable code or hidden behavior found.

Install only if you use AgentPMT and want agents to manage shared context documents. Before allowing create, update, archive, or request_unlock actions, confirm the target document and intended change, because edits may persist and affect workflows that reference that context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill's activation keywords include long, generic natural-language phrases and broad business terms, which increases the chance the skill is invoked when a user did not explicitly intend to use it. In this context, unintended invocation is meaningful because the skill is wired to remote AgentPMT tool calls that can read, create, update, archive, or unlock context documents, so accidental matching could trigger sensitive external actions or expose internal knowledge.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.