Security audit

Validate Agent

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only validation checklist that may activate broadly but does not include code, credential access, networking, or hidden behavior.

Safe to install as a validation aid. Use it deliberately for important answers, code fixes, and handoffs if broad automatic activation becomes noisy, and do not store secrets or sensitive business details in promises.md.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding: The skill declares trigger conditions such as '完成任务时' ("when completing a task") and '提供答案前' ("before providing an answer"), which overlap with routine agent behavior and can cause the skill to activate on a large fraction of normal interactions. Over-broad activation increases the prompt injection surface, instruction interference, and workflow disruption, because the skill may insert itself into unrelated tasks without clear user intent or scoping.

Vague Triggers

Medium
Confidence: 95%
Finding: The trigger list is ambiguous and lacks limiting conditions, so different agents or runs may interpret it inconsistently and invoke the skill in ordinary workflows. This creates reliability and security risk by making behavior non-deterministic and allowing the skill to override or delay primary task execution too broadly.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.