Eli Prompt Guard

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed prompt-injection guard that scans outbound automated submissions and pauses risky ones for owner review.

Install this if you want automated outbound posts, forms, API calls, or shared file writes checked before submission. Confirm who the configured Owner is, whether full-content review is acceptable for your data, and keep platform and logging settings scoped to the workflows you actually use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 85%
Finding
The catch-all trigger 'Any automated task that involves external submission' is broad enough to fire in ambiguous contexts, which can cause inconsistent enforcement or guard bypass if integrators interpret it differently. In a protection skill, vague activation criteria reduce reliability and may leave risky submission paths unchecked.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger 'Executing commands that include user-provided content' is underspecified and does not clearly define what counts as a command, which execution environments are covered, or whether indirect/template-expanded content is included. That ambiguity can lead to partial deployment and missed checks before dangerous command execution flows.

VirusTotal

64/64 vendors flagged this skill as clean.
