Task Director

Security checks across malware telemetry and agentic risk

Overview

Task Director is a disclosed local planning and step-tracking tool, but users should review any generated commands before approving execution.

Install only if you are comfortable with an agent using this as a command-by-command task runner. Before approving a storyboard, read the scenes and reject or edit any command that installs packages, contacts the network, deletes files, or touches sensitive directories unless it is exactly what you intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The example scenes go beyond storyboard/task-planning and include actionable shell commands for environment inspection, package installation, file creation, and destructive cleanup. In an agent skill context, these templates can normalize or trigger real system modifications unrelated to the declared purpose, increasing the chance of unintended execution and host impact.

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
Including pip installation commands introduces network access and software modification capability that is not clearly justified for a storyboard/task-director skill. This can lead to unreviewed package installation, dependency confusion, or unexpected environment changes if an agent treats the template as executable guidance.

VirusTotal

63/63 vendors flagged this skill as clean.
