Security audit

Error Recovery

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward error-recovery checklist with a simple local diagnostic script, but its broad triggers may activate more often than intended.

Install this as a recovery checklist, not as permission for automatic fixes. Require confirmation before privileged commands, permission changes, repository pushes, API uploads, credential rotation, or saving error logs to memory, and redact sensitive details from any recorded errors.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (5)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The manifest uses very broad trigger phrases such as '错误', '失败', '重试', and '恢复', which are common in ordinary user conversations. This can cause the skill to activate unexpectedly in unrelated contexts, increasing prompt-surface area and making the agent follow recovery procedures when they were not intended.

Overly Broad Trigger

Low

Category: Trigger Abuse
Confidence: 90% confidence
Finding: The trigger '错误' is extremely short and generic, so it is likely to match routine conversation rather than a genuine tool failure. This creates unintended activation risk and may cause the agent to enter recovery mode in situations where doing so is unnecessary or disruptive.

Overly Broad Trigger

Low

Category: Trigger Abuse
Confidence: 90% confidence
Finding: The trigger '失败' is overly broad because it can refer to many normal conversational topics unrelated to tool execution. This can lead to accidental skill invocation and unnecessary recovery workflows, which expands the chance of the agent taking off-target actions.

Overly Broad Trigger

Low

Category: Trigger Abuse
Confidence: 90% confidence
Finding: The trigger '重试' is a common conversational word and may be mentioned casually even when no structured recovery process is needed. This can cause the agent to activate the skill too often and potentially perform unnecessary retries or workflow changes.

Overly Broad Trigger

Low

Category: Trigger Abuse
Confidence: 89% confidence
Finding: The trigger '恢复' is too generic and can match many unrelated requests about recovery, restoration, or healing. In this skill's context, that broadness increases unintended activation and may steer the agent into error-handling behavior when no system error exists.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.