Contradiction Analysis

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only problem-analysis skill with broad routing language, but it does not request sensitive access or perform actions on its own.

Install this only if you want the agent to use contradiction analysis as a lens for complex trade-offs. Because the trigger wording is broad and the content is Chinese-first, be explicit when you do not want this framework or language style applied.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger conditions are very broad ('complex problem', 'unclear priorities', 'trade-off', 'root cause unclear'), which overlap with many ordinary tasks. In an agent system, that can cause over-invocation of this skill, steering the model into an ideological or rigid analytical frame when a narrower or safer skill would be more appropriate.

Natural-Language Policy Violations

Medium

Confidence: 79% confidence
Finding: The skill leads with Chinese content and does not clearly instruct the agent to match the user's language or ask for language preference. This can cause unintended language switching or reduce user comprehension, which is a safety and usability risk in agent workflows even though it is not directly exploitable like code execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal