Skill Distiller

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed workflow helper for turning completed work into reusable skills, with no executable code and only purpose-aligned file-writing guidance.

Install only if you want the agent to help create or update reusable skills from completed work. Review any generated SKILL.md, memory note, or registry entry before relying on it or publishing it, and avoid enabling automatic distillation in workflows where local file creation should require an explicit command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 82%
Finding
The metadata description says the skill can trigger 'automatically at end of complex tasks,' which is broad and subjective. In an agent environment, ambiguous auto-activation can cause the skill to run unexpectedly on unrelated tasks, leading to unintended file creation, workflow capture, or persistence actions without a narrowly scoped user request.

Vague Triggers

Medium
Confidence: 76%
Finding
The trigger guidance explicitly encourages listing 5-15 concrete phrases and does not require those phrases to be uniquely scoped to distillation. Broad trigger vocabularies increase collision risk with normal conversation, making accidental activation more likely in contexts where writing skills or references would be unsafe or unintended.

VirusTotal

64/64 vendors flagged this skill as clean.
