Security audit

find-skills-combo

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent skill-discovery helper, but it broadly routes user requests into external skill search and presents global no-confirm install commands as normal next steps.

Review candidate skills and their sources before installing anything. Prefer install commands without `-g -y`, require explicit approval for each install or update, and treat global skill installs as persistent changes to the agent environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 88%
Finding
The metadata says to use this skill whenever the user asks broad questions like 'how do I do X' or 'find me a skill', and even claims it supersedes simpler search. That can cause the agent to invoke a more complex workflow than necessary, increasing the chance of irrelevant searches, unwanted recommendations, or steering the user into installs they did not explicitly request.

Vague Triggers

Medium
Confidence: 81%
Finding
The 'when to use' criteria overlap heavily with ordinary help requests and only weakly constrain when fallback should be used. In a skill that can search for and recommend installations, ambiguous invocation increases the risk of unnecessary tool use and overbroad capability discovery on simple prompts.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation normalizes `npx skills add <package> -g -y`, which performs global installation and suppresses confirmation. Presenting auto-install syntax without a safety warning makes it easier for an agent or user to execute package installation non-interactively, increasing supply-chain and unwanted system modification risk.

Missing User Warnings

Medium
Confidence: 97%
Finding
The recommended final output explicitly tells the agent to present global, confirmation-skipping install commands as the normal next step for both strategies. In context, this is more dangerous because the skill is designed to discover and recommend third-party skills, so it directly couples discovery with low-friction installation.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.