Agent Stability Framework

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed agent self-monitoring framework with limited logging behavior, though its style rules should not be allowed to suppress important safety caveats.

Reasonable to install if you want agent self-monitoring and drift logs. Review the framework language first and make sure your agent still gives safety warnings, uncertainty, and clarifying questions when the task calls for them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Severity: Medium

Confidence: 93%
Finding: The framework explicitly tells agents to suppress disclaimers, hedging, and other default safety language as a standing rule, regardless of task context. That can weaken uncertainty signaling and risk communication, especially in safety-sensitive, legal, medical, financial, or security-relevant interactions, where caveats and clarifying questions are needed to prevent harmful overconfidence.

VirusTotal

66/66 vendors flagged this skill as clean.
