Agent Harness Architect

Security checks across malware telemetry and agentic risk

Overview

This is mostly a useful advisory skill, but it includes under-scoped automatic learning-log and self-update instructions that could persist user details or change future agent behavior without clear approval.

Install only if you are comfortable disabling or manually controlling the self-improvement section. Do not paste secrets into agent configs or logs, and require the agent to ask before writing learning logs, modifying skill files, or committing generated changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding:
The skill explicitly instructs itself to write to a learning log and update the skill based on user interactions, which expands behavior beyond the stated purpose of diagnosing an agent harness and generating artifacts. This creates an unauthorized self-modification and data-retention pathway that could persist user-derived information or alter future behavior without review.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
The skill describes automatic writing to learning logs and updates triggered by user interactions without warning or consent. This is dangerous because users may unknowingly cause retention of potentially sensitive operational details, and those details may influence future behavior or artifacts outside the original request scope.

VirusTotal

62/62 vendors flagged this skill as clean.
