Back to skill

Security audit

Find Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate skill-discovery helper, but it too broadly steers normal help requests toward installing third-party skills and recommends global installs that skip confirmation.

Use this skill only when you explicitly want to search for or install reusable skills. Before installing anything it suggests, review the package source and identity, avoid `-y`, avoid global `-g` unless you really want persistent user-level installation, and ask the agent to get explicit approval before changing your skill environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is broad enough that it could trigger on many ordinary help requests, causing the agent to steer users toward external skill discovery and installation when they may have only wanted direct assistance. In a security context, unnecessary invocation increases exposure to package discovery and install flows from third-party sources, expanding the attack surface and creating opportunities for unsafe recommendations.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The invocation rules include generic phrases like 'how do I do X' and 'can you do X,' which are ambiguous and overlap with normal assistant usage. This makes the skill more likely to activate in unintended situations and funnel routine requests into a package-search/install workflow, which is riskier than providing a direct answer because it may introduce unvetted third-party code or instructions.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill advises using `npx skills add <owner/repo@skill> -g -y`, which combines global installation with confirmation bypass and no prominent warning about trust, scope, or system impact. In this skill's context, that is especially dangerous because the entire workflow is about discovering and installing skills from external sources, so normalizing one-step unattended installs can lead users to install unreviewed packages or capabilities system-wide.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.