Compare

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only comparison helper with local preference notes and no evidence of hidden execution, network access, or harmful behavior.

Install only if you are comfortable with the skill remembering comparison preferences in a local preferences.md file. Review or clear that file if you do not want past preferences reused.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: This markdown file names and describes the skill but does not specify concrete trigger phrases, when it should activate, or when it should not. Without explicit invocation boundaries or exclusions, a generic comparison-oriented request could unintentionally match this skill.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The markdown directs the skill to 'Update `preferences.md` by category,' which is a file write affecting persistent user data. The document does not warn the user that their preferences will be stored or updated, nor does it mention consent or confirmation for this behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal