Defragmenter

Security checks across malware telemetry and agentic risk

Overview

This skill only provides instructions for reorganizing workspace knowledge and includes clear dry-run, approval, and write-scope limits.

Before installing or using it, review the dry-run carefully because the skill can copy workspace notes, preferences, or operational facts into persistent files. Approve only narrow, useful changes and avoid copying secrets, credentials, or private personal information into long-lived memory files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The description and invocation guidance use broad, subjective language like 'workspace feels fragmented' and 'facts exist but are not assembled,' which can trigger the skill in many normal situations without clear boundaries. Because the skill rewrites workspace files, ambiguous activation increases the chance of unnecessary or user-unexpected modifications even though later safeguards reduce the severity.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The 'Use this skill when' section lists vague conditions such as the workspace feeling 'architecturally messy' or information being 'half in chat, half in cron, half in files.' These are highly interpretive triggers that could cause over-activation and broad scanning or rewriting of files beyond what the user intended, especially in large workspaces with many partially overlapping documents.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal