Parallel Dispatch

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only parallel task scheduling skill with some safety caveats, but no evidence of hidden execution, credential access, persistence, or exfiltration.

Install only if you want an agent to reason about parallel task execution. Before using it for writes, document creation, API calls, or other side-effecting work, require explicit user confirmation, cap concurrency, check rate limits, and verify that every submitted task completed rather than relying on the simple example unchanged.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill encourages parallel execution of independent tasks, including external queries and status checks, without warning about concurrent side effects such as duplicate requests, rate-limit violations, inconsistent state, or unintended actions across multiple systems. In an agent setting, this can amplify the impact of a single instruction by causing several external operations to run at once.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The batch-task examples explicitly include creating multiple documents in parallel without any warning or approval step. This is dangerous because parallelized write operations can rapidly cause bulk data creation, spam, quota exhaustion, or unintended large-scale modifications before a user can intervene.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal