Back to skill

Security audit

Minimalist

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed coding-style skill that pushes smaller code changes and does not include hidden executables, credential access, network activity, or destructive behavior.

Install this if you want an agent that consistently pushes for smaller, simpler coding changes. Be aware it may push back on speculative scope and stay active across coding replies until turned off with the documented command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill declares very broad activation conditions ('ANY coding task' plus many keyword triggers), which can cause it to activate in contexts the user did not explicitly intend. In a multi-skill or automated routing environment, this can override more appropriate behavior and systematically bias outputs toward code minimization, increasing the chance of omitted requirements or safeguards through misapplication.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The 'ACTIVE ON EVERY RESPONSE' and 'it applies' persistence language creates an always-on behavioral override that can continue affecting responses beyond the user’s immediate request. This is risky because persistent, ambiguously scoped instructions can suppress normal agent behavior, conflict with other policies, and make it harder for users or orchestrators to predict when the skill is in effect.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.