Security audit

技能诊所

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed skill-diagnosis and skill-creation helper; its file access and edit tools fit that purpose, with only minor activation-scope caveats.

Install if you want help reviewing or creating skill files. Before letting it write changes, confirm the target directory and review generated triggers so new skills do not activate too broadly.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger list is broad and includes generic phrases such as “创建技能”, “设计技能”, and “skill clinic”, which can appear in ordinary discussion rather than a deliberate invocation. This raises the chance of accidental activation, causing the skill to read/write files or steer the interaction into diagnostic/creation workflows the user did not explicitly request.

Vague Triggers

Medium
Confidence: 89%
Finding
The template leaves `metadata.trigger` as a generic placeholder ('触发关键字' / '触发:xxx') without requiring a narrowly scoped activation phrase, namespace, or collision-avoidance rule. In a skill-creation context, this can lead authors to define broad or ambiguous triggers that activate unintentionally, causing the wrong skill to run, override other skills, or respond to normal user text unexpectedly.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.