Prd Reviewer

Security checks across malware telemetry and agentic risk

Overview

This PRD review skill is purpose-aligned, with the main caution that its example document extraction can leave PRD text in a local temp file.

Install only if you are comfortable using it on PRDs you are allowed to process. For confidential documents, avoid or modify the /tmp/prd.txt extraction step, use a private temporary file if needed, and delete any extracted plaintext after review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill description and trigger scenarios are broad enough that an agent could invoke this skill for loosely related PRD or scoring requests without strong boundaries or confirmation. Over-broad invocation increases the chance of unintended activation, causing the model to apply rigid scoring logic or file-handling instructions in contexts the user did not explicitly authorize.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill embeds a shell/Python workflow that reads a local .doc file and writes extracted contents to /tmp/prd.txt without any user disclosure, consent, or platform guardrails. Even though the command is framed as operational guidance, such instructions normalize unsandboxed file access and file creation, which can lead to unintended processing of sensitive documents or unsafe agent behavior if executed by an integrated system.

VirusTotal

66/66 vendors flagged this skill as clean.