Sub-agent Task Queue

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about managing concurrent sub-agents, but it encourages broad automatic spawning of parallel work with only limited guardrails.

Install only if you want your agent to run multiple sub-agents concurrently. Lower the concurrency defaults, require confirmation before starting new sub-agents unless explicitly requested, and store the queue file in a private user-owned location if task names may reveal sensitive work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence: 93%
Finding
The setup uses shell redirection to write directly to a predictable world-accessible path in /tmp, which can overwrite an existing file and is vulnerable to symlink or race-condition abuse on multi-user systems. In this skill's context, the file stores only queue metadata rather than secrets or code, so the primary risk is integrity/disruption rather than severe compromise, but it is still an unsafe operational pattern.

VirusTotal

62/62 vendors flagged this skill as clean.
