Prompt Guard

Security checks across malware telemetry and agentic risk

Overview

Prompt Guard is a markdown-only prompt-injection defense guide; its risky phrases are labeled examples, not hidden commands.

Reasonable to install as advisory guardrail guidance. Treat it as policy guidance, not a technical security boundary; keep normal sandboxing, tool approvals, and least-privilege controls enabled, and avoid storing sensitive data in any logs created from its recommendations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 74% confidence
Finding: The README states the skill activates automatically for broad classes of content such as web-fetched data, untrusted files, API responses, and shared chats, but it does not define clear scope boundaries, opt-in conditions, or exclusion rules. In an agent-skill context, overly broad automatic activation can cause the guard to intercept unrelated workflows, create denial-of-service behavior, or let untrusted content influence security decisions in unexpected contexts.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill declares very broad activation criteria such as any security-related request or mentions of 'prompt injection' and 'jailbreak'. This can cause the guard skill to trigger in ordinary conversations, potentially interrupting intended workflows, creating denial-of-service-like behavior for benign tasks, or biasing the agent toward over-refusal.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal