Skill Vetting

Security checks across malware telemetry and agentic risk

Overview

This is a coherent skill-vetting tool whose risky-looking strings are scanner patterns and examples, not hidden behavior.

Install only if you want a conservative skill-review helper. Inspect the Python scanner before first use, run it against downloaded skills in /tmp or another sandbox, and treat its findings as leads to investigate rather than automatic proof of malice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill clearly instructs the use of network access, shell commands, and file reads, yet the manifest shown declares only name and description with no explicit permissions. This creates a transparency and least-privilege problem: installers and policy systems cannot accurately assess what capabilities the skill will use before running it.

Vague Triggers

Medium
Confidence: 77%
Finding: The description is broadly phrased to apply whenever a user is considering installation, evaluating third-party code, or assessing utility, which may cause this skill to trigger in many ordinary contexts. Overbroad activation is risky because it can insert a powerful skill with shell/network guidance into unrelated workflows and expand the attack surface.

VirusTotal

63/63 vendors flagged this skill as clean.
