Fix

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed behavior-correction workflow, but it can be triggered by broad everyday phrases and then requires persistent edits to agent prompts, rules, task state, and possibly hooks.

Install only if you want an aggressive self-correction workflow that may update your agent's persistent behavior instructions. Prefer using it with explicit `fix:` requests or `--plan`, and review any proposed edits to skills, rules, memory files, AGENTS.md/CLAUDE.md, or hooks before allowing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 95% confidence
Finding: The skill is activated by very broad natural-language phrases such as 'fix this', 'correct', and 'why not', which are common in ordinary conversation and not clearly scoped to safe maintenance tasks. This can cause unintended invocation of a high-authority workflow that edits prompts, rules, hooks, and task state, increasing the chance of unauthorized or surprising behavior changes.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger section repeats ambiguous behavioral phrases without defining boundaries, exclusions, or required user intent verification. In context, this is risky because the skill does more than answer questions: it performs root-cause analysis, modifies persistent prompt artifacts, and resumes work, so accidental activation can lead to unintended state changes.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal