Debate Learning Workflow

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only debate workflow that discloses local note files and shows no hidden code, credential access, or destructive behavior.

Safe to install based on the provided artifacts. Expect the skill to create or append debate and lesson Markdown files on your Desktop, and avoid using sensitive topics unless you are comfortable with those notes being saved locally.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 94% confidence
Finding: The skill explicitly instructs writing debate outputs to fixed paths on the user's Desktop and home directory without any warning, consent, or mention of filesystem side effects. Even though the files are ordinary markdown artifacts, silent local file creation/modification can violate user expectations, overwrite existing notes, or leak sensitive debate content into predictable locations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal