First Principles Decomposer

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only reasoning skill that teaches a first-principles problem-solving workflow and does not request system access, credentials, network use, or persistent behavior.

This appears safe to install as a reasoning aid. Be aware that its broad trigger phrases may steer some ordinary requests into a structured decomposition format, and review its recommendations before acting on them in important business, financial, legal, or safety-sensitive decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger list includes broad, natural-language phrases such as "from scratch," "break this down," and "what are we assuming" that can occur in ordinary user requests. This can cause unintended skill invocation, steering conversations into a decomposition workflow when the user did not explicitly request it, which may disrupt task routing or override more appropriate skills.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal