Improve Doc

Security checks across malware telemetry and agentic risk

Overview

This skill is a documented, interactive markdown documentation editor that only overwrites the user-specified file after user-directed review steps.

Install only if you are comfortable with a skill that may rewrite the markdown file you point it at. Use it on files under version control or make a backup first, especially for large restructures.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill performs a destructive write to the user-supplied Path by overwriting the original file after the interactive flow. Although it requires user interaction and includes some gating, the skill metadata and instructions do not provide an upfront, explicit warning that user data will be modified, which creates a real integrity risk if invoked on the wrong file or with misunderstood scope.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal