Qualify

Security checks across malware telemetry and agentic risk

Overview

This is a text-only qualification framework with no evidence of code execution, credential access, persistence, or hidden behavior.

Install if you want structured help deciding what is worth pursuing. Treat its outputs as decision support only, especially for hiring, finance, legal, compliance, medical, or regulated business decisions where human review and applicable policies still matter.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The trigger conditions are unusually broad and include generic phrases like 'What criteria should I use' and 'How do I qualify this,' which can overlap with many ordinary planning or decision-support requests. In an agentic system that auto-selects skills, this can cause unintended activation, leading the model to apply filtering/go-no-go logic where a narrower or more appropriate skill should have been used.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal