Back to skill

Security audit

Team Collab Repo

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed team-workflow helper; its main risk is broad trigger wording that could activate a multi-role workflow when the user meant a normal planning request.

Install only if you want broad team-collaboration phrasing to trigger this workflow. Use explicit wording when invoking it, review before using advanced model-switching because it may involve multiple model sessions and cost, and run the project initialization script only in a directory where creating a new project folder is intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The invocation phrases are very broad and map to ordinary user requests such as collaboration, role-splitting, or working 'like a company.' This can cause unintended skill activation, which may override normal agent behavior and route benign conversations into a complex multi-role workflow the user did not explicitly request.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The top-level trigger phrases such as '团队协作', '多角色', '分工', and '像公司一样' are broad natural-language expressions that can easily appear in ordinary user requests. This can cause unintended skill activation, unexpectedly changing the assistant's behavior and potentially invoking multi-step orchestration or extra model usage without clear user intent.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The startup examples like '用团队协作模式做这个项目' and '像公司一样分工完成' are conversationally common and lack a hard-to-misfire activation boundary. In practice, normal project-planning requests could accidentally match these phrases and trigger the skill when the user only meant a general instruction style.

Vague Triggers

Low
Confidence
78% confidence
Finding
The advanced-mode triggers, especially phrases like '切换模型协作', are generic enough to be referenced in discussion rather than as an actual command. Because advanced mode implies spawning multiple sub-sessions/models, accidental activation can have higher operational consequences even if the trigger itself is only moderately risky.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill metadata uses broad trigger phrases such as “团队协作”, “多角色”, “分工”, and “像公司一样”, which are common in ordinary project discussions and can cause unintended invocation. In an orchestration skill that may alter execution mode or spawn multi-step workflows, accidental activation can redirect the assistant into performing actions the user did not explicitly request.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The startup examples are phrased like normal conversational requests rather than explicit skill commands, so ordinary user language could be misinterpreted as a request to activate the workflow. Because this skill changes behavior across multiple roles and stages, unintended activation may lead to overproduction of content, wrong task framing, or unnecessary downstream actions.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The advanced-mode triggers are especially risky because they are broad natural-language phrases tied to a mode that claims to spawn sub-sessions and switch models. If matched unintentionally, the skill could initiate a more powerful orchestration path than the user intended, increasing cost, complexity, and the chance of unsafe propagation of prompts or outputs between stages.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.