Back to skill

Security audit

Leatherworking Basics

Security checks across malware telemetry and agentic risk

Overview

This is a coherent leatherworking planning skill with disclosed file/log use and safety caveats, not hidden or harmful behavior.

Install only if you want agent help planning leather projects, creating patterns, and maintaining logs or reminders. Keep control over where files are saved, share only needed measurements or photos, and do not rely on this skill for certified repair or fabrication of life-safety, load-bearing, equestrian, regulated commercial, or other structurally critical gear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill uses broad activation language ('Use this skill any time') across common repair and customization scenarios, which can cause over-invocation without sufficient gating. In this context, that increases the chance the agent will provide planning guidance for projects with elevated physical or safety risk, such as knife sheaths or tack-like load-bearing items, despite only narrow exclusions later in the document.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.