Nm Imbue Structured Output

Security checks across malware telemetry and agentic risk

Overview

This skill only provides structure for formatting reports and review deliverables, with no evidence of hidden execution, data access, or destructive behavior.

Install this if you want an agent to standardize final reports and review outputs. Be aware that generic formatting requests may activate it, so review final wording when another task’s exact output style matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger keywords and contextual cues are broad enough that the skill may auto-activate during many ordinary requests involving formatting, reporting, or presentation. In an agent system, unintended invocation can alter workflow, inject extra instructions, or bias outputs away from the user's primary task; while this skill is not overtly malicious, broad activation increases the attack surface and can compound risk when combined with other skills or automation.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal