Agentsop Crewai

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only CrewAI guidance skill with no executable payload, and its multi-agent guidance is disclosed and mostly scoped to the stated purpose.

Install this as a CrewAI design reference, not as a general teamwork skill. If it activates on a vague request about teams or collaboration, confirm the task truly needs multiple specialized agents before following its CrewAI workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 83%
Finding
The trigger for OP-1 activates on generic concepts like 'team', 'collaboration', or 'roles', which are common across many unrelated requests. This can cause the skill to select or steer users into CrewAI unnecessarily, creating incorrect framework routing, over-collection of context, or unintended multi-agent behavior in downstream automation.

VirusTotal

64/64 vendors flagged this skill as clean.
