Space Query Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed query-building skill for internet asset search, but users should keep it to authorized defensive work.

Install only if you want help constructing asset-discovery or security search queries, and use it only for systems you own or are authorized to assess. Treat vulnerability and exposed-service examples as defensive research aids, not permission to probe third-party targets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README explicitly promotes searches for exposed databases, login pages, and CVE-affected hosts, but provides no limitation to authorized security testing, defensive asset inventory, or lawful use. In a skill whose purpose is to build internet asset discovery queries, that omission lowers friction for reconnaissance and vulnerability targeting, which can directly support unauthorized scanning and attack preparation.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase includes an open-ended catch-all ('or similar queries'), which can cause the skill to activate for requests outside its intended scope. In a security-sensitive skill that helps build asset discovery and vulnerability-search queries, overbroad activation increases the chance of unsolicited offensive-security assistance or inappropriate routing of benign user requests into a high-risk workflow.

VirusTotal

65/65 vendors flagged this skill as clean.
