Smart Spawn

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says, but it can send your task text to a third-party service without a clear privacy warning.

Use this only for non-sensitive task summaries unless you trust the operator of ss.deeflect.com. Do not send credentials, private code, customer data, internal plans, or hidden/system instructions; use a default/local model selection path for confidential work.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill instructs users to send arbitrary task descriptions to an external service but does not disclose that those prompts may contain sensitive user, business, or system data. In an agent setting, task descriptions often include internal context, credentials-adjacent information, proprietary plans, or user content, so silently routing them to a third-party endpoint creates a real data exfiltration and privacy risk.

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: This section operationalizes repeated submission of complex task details and decomposition/swarm payloads to external endpoints, which can substantially increase the volume and sensitivity of disclosed data. Because complex tasks frequently embed strategic plans, codebase details, customer data, or system instructions, the skill amplifies the chance of exposing confidential information to a third-party API without any warning, filtering, or consent checkpoint.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal