Besom Broom Making Basics

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed instructional craft skill for making natural brooms, with no executable code or hidden high-impact behavior found.

Install only if you actually want an agent to help with natural broom making. Be aware it may ask for photos, approximate location, and local progress files, and you should still verify plant safety, harvesting legality, and sharp-tool precautions yourself.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger criteria are broad enough to activate in many ordinary situations involving cleaning tools, barter, or self-reliance, which can cause the agent to inappropriately steer users into a niche craft workflow. Over-broad activation increases the chance of irrelevant or unsafe guidance being surfaced to users who did not explicitly ask for harvesting, toolmaking, or barter-related assistance.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal