OGT Docs Create

Security checks across malware telemetry and agentic risk

Overview

This is a documentation helper that creates local docs files as advertised, with no evidence of hidden networking, credential access, or destructive behavior.

Install this if you want an agent to help create project documentation. Treat the included shell snippets as write operations: run them only in the intended repository, review generated paths and diffs, and use extra care with the batch example because it can create several files at once.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill description is very broad ('Create new documentation entities... Use when adding any new documentation'), which can cause the agent to invoke this root skill for a wide range of generic documentation-related requests. That overbroad routing increases the chance of unintended file creation or modification workflows being selected without sufficient user confirmation or narrower scope checks.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal