Agent Orchestrator Template

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only orchestration template that is broadly aligned with its stated purpose and does not show hidden or malicious behavior.

Safe to install as a template with normal caution: keep task contracts narrow, avoid sharing unnecessary private context with sub-agents, require explicit review before public posts or account-affecting actions, and inspect any separately downloaded helper scripts before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Natural-Language Policy Violations

Severity: Medium
Confidence: 97%
Finding
The embedded reporting and delivery templates switch to Chinese field labels and expected output structure without any user opt-in, which can implicitly steer downstream agents to answer in Chinese regardless of the user's language. In an orchestration skill, this is more dangerous than a cosmetic localization issue because it can alter agent behavior, reduce user comprehension, and create opportunities for prompt-level control over final outputs.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The domain trigger lists are broad and rely on simple keyword matching, so ordinary requests can be misclassified and routed to the wrong specialist. In an orchestration skill, misrouting can cause unintended delegation, excess access to context, or execution by a subagent with inappropriate capabilities, especially when 'operate' and other side-effecting paths exist.

Vague Triggers

Severity: Medium
Confidence: 86%
Finding
The no-spawn rules use ambiguous phrases like 'What is', '配置', and '排障' without scope constraints, making it easy for important tasks to be incorrectly forced local or to bypass intended orchestration safeguards. In a routing template, imprecise control rules are security-relevant because they shape which agent gets authority, context, and responsibility for verification.

VirusTotal

64/64 vendors flagged this skill as clean.