Prompt Engineering Expert

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only prompt-engineering guide with one questionable refusal-troubleshooting example, but no hidden code, persistence, credential handling, or destructive behavior.

Install this if you want prompt-writing and prompt-debugging reference material. Use the refusal-troubleshooting advice only for legitimate, safe requests, and do not use the skill to rephrase harmful requests to bypass model safeguards.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Ssd 1

Medium
Confidence: 94%
Finding
The troubleshooting guidance recommends fictional framing as a way to obtain analysis of manipulative behavior after a refusal. Even though presented as a writing or psychology context, this normalizes a refusal-bypass pattern: repackaging harmful intent into a narrative frame to elicit operationally useful guidance about manipulation tactics.

Ssd 2

Low
Confidence: 90%
Finding
The advice to 'clarify legitimate purpose,' 'reframe the question,' and 'explain why you need this' can teach users how to paraphrase disallowed requests to get past model refusals. In a prompt-engineering skill, this is more sensitive because the audience is specifically learning techniques to shape model behavior, making safety-bypass patterns more actionable.

VirusTotal

65/65 vendors flagged this skill as clean.
