Multi-Agent CN

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent and instruction-only, but it broadly routes work into persistent sub-agent sessions without clear reset, retention, or sensitive-task controls.

Install only if you are comfortable with task details being copied into reusable sub-agent sessions. Avoid sending secrets, account data, production credentials, or unrelated private context through this dispatcher unless you add your own rules for confirmation, project separation, and session reset.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (88% confidence)

Finding: The description presents the skill as a generic, unconstrained multi-agent dispatcher that can be applied broadly without clear task, domain, or permission boundaries. In agent systems, this increases the risk of overbroad activation and delegation of sensitive user requests to persistent sub-agents, which can amplify prompt-injection, data leakage, or unsafe tool-use behaviors.

Natural-Language Policy Violations

Medium (81% confidence)

Finding: The description frames the skill as a Chinese-version system and emphasizes Chinese-language operation without indicating user choice or locale negotiation. This can cause the skill to activate or respond in an unexpected language context, increasing the chance of user confusion, mishandling of instructions, or reduced visibility into delegated sub-agent behavior.

VirusTotal

64/64 vendors flagged this skill as clean.
