Nm Leyline Quota Management

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only quota-management skill with no executable code, credentials, or hidden runtime behavior in the supplied artifacts.

Reasonable to install as quota-management guidance. Before installing the referenced external plugin or turning the examples into running code, review where quota history would be stored, how cached or queued work can be cleared, and whether fallback to secondary services could send requests to providers you did not intend to use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The trigger list includes broad operational terms like 'quota', 'thresholds', and 'resource-management' that are likely to overlap with many normal user requests. In an agent environment, overly generic triggers can cause this skill to activate unexpectedly, injecting quota-management guidance into unrelated workflows and increasing the chance of inappropriate behavior or control-flow interference.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal