Back to skill

Security audit

Review

Security checks across malware telemetry and agentic risk

Overview

This is a text-only review helper that gives structured feedback and does not request tools, credentials, persistence, or external access.

Install if you want an agent to provide direct, structured feedback. Be aware it may activate on casual opinion requests, so avoid sharing material you do not want reviewed in that style.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger conditions are very broad and include common phrases like 'what do you think', 'check this for me', and 'does this make sense', which can cause the skill to activate for a wide range of ordinary conversations. Over-broad activation increases the chance of unintended routing, causing this reviewer persona to intercept requests better handled by other skills, including more specialized or safety-sensitive ones.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.