Worker Executor

Security checks across malware telemetry and agentic risk

Overview

This is a simple prompt-only skill that tells an assistant to execute assigned tasks, with no code, hidden access, or persistence.

Install this if you want a general execution-role prompt for clearly assigned tasks. Because the trigger terms are broad, give concrete boundaries for sensitive work and review outputs before applying them to important systems or accounts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The trigger description is extremely broad and includes many generic roles such as worker, executor, builder, researcher, marketer, and writer. This can cause the skill to activate in contexts where it was not intended, increasing the chance that a lower-scope execution role takes control of tasks without proper routing or review.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal