
Security audit

AI Safety Rails

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only safety configuration template with disclosed setup guidance and no bundled executable code or hidden privileges.

Safe to install as a safety-rules template. Before using aggressive autonomy settings, write explicit allowed actions and stop conditions, use a private verified approval channel, and review ai-sentinel and skill-guard separately before installing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The trigger phrase "Set up safety rails" is generic and likely to overlap with ordinary user requests about configuring safeguards. That can cause accidental activation of this skill in unrelated contexts, potentially altering agent behavior or installing additional components without the user intending to invoke this exact skill.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.