Back to skill

Security audit

Preflight

Security checks across malware telemetry and agentic risk

Overview

This is a coherent pre-publication feedback skill that reviews user-provided draft content with AI personas, with privacy considerations around the configured model endpoint.

Reasonable to install if you want AI persona feedback before publishing. Treat any submitted draft as being sent to the configured model service, keep --base-url pointed at localhost or another trusted endpoint, and review any project-specific preflight-personas.md file before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are broad conversational prompts like 'check this copy' and 'will anyone care about this', which can match many ordinary user requests and cause the skill to activate unexpectedly. Over-broad activation increases the chance of unintentional file access, unexpected autonomous behavior, or the skill hijacking unrelated conversations where users did not explicitly request this workflow.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill sends arbitrary user-provided content to an HTTP API endpoint without any explicit notice, consent flow, or privacy warning. Even though the default target is localhost, the base URL is configurable and the content may include unpublished launch copy, pricing, announcements, or other sensitive material, so users can unintentionally transmit confidential data off-process or off-host.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.