Back to skill

Security audit

North Star Metric

Security checks across malware telemetry and agentic risk

Overview

This is a plain strategy-coaching skill for choosing a North Star Metric, with no executable code, credentials, persistence, or system access.

Installers should treat this as a product-strategy guidance skill, not an automation tool. The main practical risk is that it may steer some broad metrics discussions toward North Star Metric framing too early; users can ignore or override that framing when they only need tactical KPIs or early discovery help.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The activation metadata includes broad natural-language triggers such as 'what should we optimize?' and references to dashboard confusion that can arise in many unrelated contexts. This can cause unintended invocation of the skill, leading the agent to prematurely steer conversations toward NSM framing when the user's actual need may be different.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The 'Use when' section repeats similarly broad triggers, including common phrases and general situations like having too many metrics, without enough scope checks to distinguish NSM selection from adjacent topics such as tactical KPI tuning or early-stage discovery. Repetition of ambiguous triggers increases the chance that an orchestration layer or agent will over-select this skill inappropriately.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.