Nm Abstract Subagent Testing

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill for testing other skills in fresh model conversations, with no hidden execution or data exfiltration behavior found.

Before installing, note that this skill may appear for broad testing or validation requests. Use it when you want structured skill-testing methodology, and avoid pasting confidential prompts or full model responses into shared test logs unless that is intentional.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger list includes broad, generic terms such as "testing," "validation," and "subagents," which are likely to match many unrelated user requests. This can cause unintended invocation of the skill, increasing prompt-surface exposure and creating unpredictable behavior if the skill is loaded in contexts where it was not explicitly desired.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal