Pipeline

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed pipeline-orchestration skill that can run multiple project skills after user confirmation, with optional external launcher scripts that users should trust separately.

Install this only if you want an agent to coordinate multi-step research or development workflows. Read the confirmation prompt carefully, run it in the intended project directory, and avoid the optional launcher scripts unless you separately trust the plugin that provides them. If a pipeline resumes unexpectedly, inspect or delete the documented .solo pipeline state file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill advertises broad natural-language triggers such as "full pipeline," "loop until done," and "research and validate," which can cause the orchestrator to invoke this high-privilege chaining skill when the user may only be discussing those concepts rather than explicitly requesting automation. Because this skill can launch multiple downstream skills and Bash commands, accidental invocation expands the blast radius beyond a single task.

VirusTotal

64/64 vendors flagged this skill as clean.
