Back to skill

Security audit

Skill Creator V31

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed skill-authoring assistant that can create local skill files, with some over-broad trigger wording users should notice before installing.

Install this if you want an assistant that helps create new skill files locally. Be aware that its trigger wording is broad, so for purely conceptual questions about skill creation you may want to explicitly ask for explanation only and not file creation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill declares it 'MUST' be invoked immediately for any request related to creating or adding a skill, using broad trigger language that can match many routine discussions about skills. This can cause unintended auto-invocation, steering the agent into file-creation or workflow-changing behavior before clarifying user intent, which increases the chance of mis-execution and unsafe side effects.

Natural-Language Policy Violations

Low
Confidence
81% confidence
Finding
The skill sets a default language policy ('Default English for mixed environments') without explicit user consent. While not a direct security exploit, it can override user expectations or organizational language requirements and may lead to misleading or noncompliant outputs in multilingual contexts.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The manifest description uses broad triggers like 'when user sends meeting notes, transcript, or asks to extract action items from a meeting,' which can match many ordinary collaboration inputs without tight boundaries. This can cause over-activation of the skill, leading to unintended processing of user content, incorrect tool routing, or overshadowing of more appropriate skills.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.