Context Memory Optimizer

Security checks across malware telemetry and agentic risk

Overview

The available scan context suggests the skill may include guidance for avoiding static-analysis detection, but the underlying artifact was not available in the workspace for direct verification.

Before installing, review references/prompt-cache.md directly. If it tells users to change wording to avoid security scanners, require that language to be removed or clearly reframed through normal false-positive handling before trusting the skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Ssd 2

Medium

Confidence: 98% confidence
Finding: The document explicitly instructs users to replace a protected term with alternate wording specifically to avoid triggering static-analysis detection. That is not normal documentation hygiene; it is guidance for evading security controls, which increases the chance that prompt-injection or policy-relevant content will bypass automated review.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal