Back to skill

Security audit

Multilingual Semantic Bridge

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only skill that helps agents reformulate multilingual or mismatched technical queries for better retrieval, with no executable install behavior or hidden high-impact access.

This skill is reasonable to install as a retrieval aid. Before using it with sensitive work, confirm whether your agent may save learned terminology mappings and avoid persisting private user phrasing unless your memory settings and retention policy allow it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill's activation guidance is very broad and frames itself as applicable whenever wording might not line up with stored technical targets. Without clear trigger boundaries or exclusion criteria, an agent may invoke this skill too often, causing unnecessary query rewriting, routing drift, or retrieval of unintended artifacts. In a retrieval/routing skill, over-broad activation is operationally risky because it can distort user intent and increase the chance of pulling the wrong docs, runbooks, or skills into downstream decision-making.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.