Title Replier

Security checks across malware telemetry and agentic risk

Overview

This skill only adds random title labels to assistant replies and stores a small local history, with no evidence of network access, credential use, or unrelated system control.

Install this only if you want assistant replies styled with title prefixes. Avoid using it where exact output formatting matters, such as JSON, code-only answers, or safety-critical instructions. Be aware that some documented configuration and import features do not appear to be implemented, and the skill keeps a local history of used titles.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 86%
Finding
The skill states it will automatically add titles to replies without defining clear activation boundaries, opt-in conditions, or scope limitations. In an agent environment, always-on behavioral modification can unexpectedly alter every response, including safety-critical, structured, or user-requested output, creating prompt-scope and output-integrity risks even if the feature itself is not overtly malicious.

VirusTotal

63/63 vendors flagged this skill as clean.
