A2a

Security checks across malware telemetry and agentic risk

Overview

This is a small agent-to-agent WebSocket helper; install it only when you intend to send task data to other agents you choose.

Use this skill only with trusted agent endpoints, preferably wss://. Do not send secrets, private files, credentials, or sensitive personal data to unknown agents, and expect that delegated prompts or parameters may be visible to the remote agent operator.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill advertises broad triggers such as calling other agents, delegation, and cross-platform collaboration without clear scoping or user-confirmation boundaries. In a skill that can discover and invoke external AI agents, ambiguous invocation guidance increases the chance of accidental activation for ordinary requests, which could lead to unintended remote interactions or data being sent off-platform.

Missing User Warnings

Medium
Confidence: 96%
Finding
This skill is specifically designed to discover and invoke other agents over remote endpoints, including WebSocket URLs, yet the description does not clearly warn users that prompts or data may be transmitted to external systems. That omission is dangerous because users may unknowingly trigger network access, delegation, or disclosure of sensitive content to third-party agents outside the local trust boundary.

VirusTotal

66/66 vendors flagged this skill as clean.
