Back to skill

Security audit

Safe Skill Advisor

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill-security checklist, with no hidden code or credential access, but its activation language is broader than ideal.

Safe to install as a checklist-style advisor. Treat its scanner recommendations and security statistics as guidance, verify third-party tools before installing them, and avoid sharing command-history or process/network output until you have checked it for secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill advertises invocation phrases like "Is this skill safe?" and related everyday wording that are broad enough to match common user questions outside a narrowly scoped context. This can cause the skill to activate unexpectedly and steer responses toward its preferred tools, reporting channels, and claims, creating prompt-scope hijacking and response interference risk.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The mandatory directive says the skill must act whenever the user asks any question about skill security, which is an overly broad activation condition. Because it is framed as a system-like instruction to the assistant, it can override or intrude into unrelated conversations about security and bias the model's behavior without explicit user request for this skill.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The report states the skill will activate or respond meaningfully to the single generic keyword “技能”, which is overly broad and can cause unintended triggering in ordinary conversation. Broad activation increases the chance the skill injects unsolicited guidance into unrelated contexts and makes prompt-routing behavior easier to abuse or manipulate.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.