Security audit

Find Skills

Security checks across malware telemetry and agentic risk

Overview

This is a coherent skill-finder, but it should be reviewed because it encourages broad activation and global skill installs that skip confirmation.

Use this only when you intentionally want to search for installable skills. Before installing anything, review the skills.sh page and source repository, avoid `-y` unless you deliberately want to skip prompts, and prefer a non-global or reversible install path when available.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The top-level description uses very broad triggers like 'how do I do X' and 'can you do X', which can cause this skill to activate for generic help requests rather than explicit skill-discovery requests. In context, that increases the chance the agent pivots into searching for and suggesting third-party installs when the user only wanted direct assistance, expanding exposure to unnecessary package discovery and installation flows.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The 'When to Use This Skill' section includes ambiguous, everyday requests like asking how to do a task or whether the agent can do something specialized, without requiring confirmation that the user wants a skill recommendation. Because this skill leads into package search and install guidance, overbroad activation can unnecessarily route ordinary conversations into potentially system-modifying recommendations.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill recommends `npx skills add <owner/repo@skill> -g -y`, which performs a global installation and suppresses confirmation prompts, but does not warn about the system-modifying effect or encourage review of the package source. In a skill specifically designed to discover third-party capabilities from external sources, this materially increases the risk of users installing untrusted code with reduced friction and less informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal