Nvidia smi tutorial

Security checks across malware telemetry and agentic risk

Overview

This appears to be a GPU troubleshooting skill with one safety caveat around manually killing processes, not evidence of hidden or malicious behavior.

Installers should treat this as a normal troubleshooting aid, but only terminate GPU processes they own or are authorized to stop. On shared machines, verify the PID with nvidia-smi and ps, prefer graceful shutdown first, and ask an administrator before stopping another user's job.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill explicitly instructs users to run `kill <PID>` to free GPU memory, but provides no caution about verifying process ownership, confirming the target, or the operational impact of terminating jobs. In a GPU troubleshooting context this can cause accidental denial of service, loss of work, or termination of other users' workloads, especially on shared multi-user systems.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal