Signal First

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only writing-style skill that makes assistant answers shorter and does not request access to files, credentials, network services, or background execution.

Install this if you want shorter, denser answers. For legal, medical, security, financial, or other high-stakes work, tell the assistant to keep important caveats and full reasoning so brevity does not remove needed context.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The manifest description is very broad and generic, describing a common annoyance with model verbosity rather than a narrowly scoped trigger. In skill-routing systems, this can cause the skill to activate for many unrelated prompts, altering assistant behavior unexpectedly and potentially overriding more appropriate skills or user intent.

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The keyword list contains many broad, everyday phrases such as general response-quality and brevity concepts, which substantially increases the chance of accidental invocation. Because this skill changes response style globally, unintended activation could suppress needed detail, reduce safety context, or interfere with task-appropriate formatting and explanations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal