Back to skill

Security audit

技能查找

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed skill-discovery helper, but users should be deliberate before installing any third-party skill globally.

Use this skill for finding skills, not as a default answer to ordinary how-to questions. Before installing anything, review the skills.sh or GitHub source, consider omitting `-y` so the CLI asks for confirmation, and remember that `-g` installs the selected skill globally for future agent use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill description and trigger language are broad enough that the skill may activate for generic capability questions like 'how do I do X' or 'can you do X,' even when the user is not explicitly asking to discover or install third-party skills. In this context, unintended activation can steer conversations toward external package discovery and installation, increasing the chance of unnecessary exposure to unreviewed third-party code.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The activation guidance lists many common user phrasings but provides no meaningful boundaries or negative conditions, so the agent could invoke this skill in situations better handled directly. Because this skill leads into searching for and potentially installing external skills, ambiguous routing increases the risk of supply-chain exposure and user confusion about why installation is being suggested.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill recommends `npx skills add <owner/repo@skill> -g -y`, which performs a global install and suppresses confirmation prompts, but it does not warn the user about the trust and system-wide implications of doing so. In a skill whose purpose is discovering third-party packages from external sources, this materially raises the risk of silent installation of unreviewed code with broad persistence on the user's environment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal