Coach

Security checks across malware telemetry and agentic risk

Overview

This is a coaching prompt skill with no executable code, credentials, persistence, or hidden system access.

Install this if you want the agent to use coaching-style questions, accountability prompts, and action planning. Treat it as conversational support, not therapy, medical advice, legal advice, or crisis help, and avoid sharing sensitive personal details unless you are comfortable with the agent context handling them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The skill description is extremely broad and could plausibly match a wide range of ordinary user requests across many domains. Overly broad activation increases the chance this role is invoked unintentionally, causing prompt/skill hijacking of unrelated conversations and creating unpredictable behavior or policy bypass through inappropriate skill selection.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal