Review Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal review helper skill that writes a local review report and optionally uses another verification protocol, with no evidence of hidden or harmful behavior.

Install if you want an agent-assisted skill review workflow. Before running it, choose the output path deliberately and check whether .review-output.md or your chosen file already exists if overwriting would matter.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 89% confidence
Finding: The manifest describes this skill as reviewing skill PRs for structural, design, and marketplace consistency, and the frontmatter explicitly sets `disable-model-invocation: true`. Step 7 nevertheless instructs the agent to load and apply a separate `review-verification-protocol` skill, which adds orchestration/composition capability beyond the stated review function and is not clearly justified by the manifest description.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: This markdown file instructs the skill to take an output file path from `$ARGUMENTS` and to write results there, including a default path if none is provided. Because writing files can affect user data or workspace state, the skill description should explicitly warn the user that it creates or overwrites an output file.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal