Double Check

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill broadly tells an agent to run verification twice after file edits, which is disclosed and aligned with its quality-checking purpose but can run project code.

Install this if you want agents to automatically validate file edits, often by running the same project command twice. Use caution in unfamiliar or sensitive repositories, and require confirmation before commands that start services, touch production data, use the network, take a long time, or have unclear side effects.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Vague Triggers

High

Confidence: 96% confidence
Finding: The skill declares itself applicable by default to any file modification task, which removes important task-by-task boundary checks and encourages automatic behavior without explicit user confirmation. In practice this can cause an agent to run unnecessary verification steps, including potentially risky build or runtime commands, in contexts where they are inappropriate, costly, or unsafe.

Vague Triggers

High

Confidence: 95% confidence
Finding: The activation condition says the AI should automatically apply the skill whenever it detects file modification intent, but it provides no clear limits for dangerous repositories, untrusted codebases, or high-cost commands. This creates an overbroad autonomy pattern where the agent may execute verification actions in unsuitable environments without adequate gating.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The automatic trigger language lacks exceptions and opt-out guidance, so the agent is pushed toward always-on behavior even when verification is not feasible, safe, or necessary. While less severe than direct command execution instructions, this still weakens operator control and can normalize unsafe autonomous decisions.

Autonomous Decision Making

Medium

Category: Excessive Agency
Content: --- name: double-check description: 在修改任何文件后（包括删除功能），自动进行两次独立验证（测试/编译/运行检查/文档或配置检查），确保无误才结束。本技能应默认应用于所有文件修改任务。 / After any file changes (including feature removal), automatically perform two independent verifications (tests/compilation/runtime checks/docs or config checks) to ensure correctness. This skill should be applied by default to any file modification task. author: BelugaRex tags: [coding, testing, verification, quality-assurance, bilingual] ---
Confidence: 93% confidence
Finding: automatically perform

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal