AI Workflow Operating System / AI 工作流操作系统

Security checks across malware telemetry and agentic risk

Overview

This is a text-only workflow skill for project planning, memory, research intake, and audit tracking. It discloses its sensitive actions and includes confirmation rules for them.

Before installing, expect the skill to maintain local Docs/ project-memory and knowledge-governance files. Review any proposed permanent archive or cloud upload, especially for private documents, contracts, email attachments, financial records, or other sensitive materials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding:
The skill explicitly instructs the agent to modify several repository state files, and potentially additional tracking artifacts, without any warning, confirmation step, or constraint on when such writes are authorized. In an agent context, this can cause unintended or unauthorized repository modifications, especially if invoked automatically or with broad workspace permissions.

Vague Triggers

Severity: Medium
Confidence: 84%

Finding:
The manifest describes a very broad, unified skill covering project planning, memory, file and web intake, governance, synthesis, and audit tracking without defining when each capability should activate or what inputs are in scope. In agent systems, vague activation boundaries can cause overreach into unintended tasks or sensitive content, increasing the chance of unsafe data handling and misuse of high-privilege workflow features.

VirusTotal

All 64 of 64 vendors reported this skill as clean.
