TED Talks

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only TED Talks skill with mismatched course/exam wording, but it does not request code execution, credentials, persistence, or sensitive access.

This appears safe to install from a security perspective, but users should treat it as low-quality or mislabeled until the author rewrites it to actually describe TED talk search, subtitles, and summaries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

High
Confidence: 97%
Finding
The skill metadata claims to provide TED talk insights, bilingual subtitles, and key-point analysis, but the body describes an unrelated exam-prep/course platform with filters like mock exams, certificates, and paid subscriptions. This mismatch can mislead users and any calling agent about the skill’s actual behavior, increasing the risk of deceptive invocation, inappropriate data collection, or routing users into unrelated commercial flows.

Vague Triggers

Medium
Confidence: 88%
Finding
The example phrases are generic help-seeking prompts such as asking how to use the skill for a specific scenario or asking about features and offers. Broad triggers like these can cause accidental or overbroad invocation by an agent router, especially when the documented functionality is already ambiguous, leading the skill to activate in contexts the user did not intend.

VirusTotal

66/66 vendors flagged this skill as clean.
