Skill Test

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only helper for testing other skills in isolated sessions, with one minor privacy note about saving comparison preferences.

Reasonable to install for skill testing. Keep candidate skills in isolated sub-agent sessions, review any untrusted skill text before running commands, verify temporary paths before cleanup, and avoid recording sensitive task context or real credentials unless the user explicitly wants that retained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 79% confidence
Finding: The skill advises recording user preferences, reasons, and task context for future recommendations without any data minimization, consent, retention, or sensitivity guidance. This can lead to unnecessary collection of potentially sensitive user data and creates privacy risk if the stored context includes confidential prompts, business information, or personal preferences.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal