Jury Review

Security checks across malware telemetry and agentic risk

Overview

This is a code-review workflow skill with a simple local scoring helper and no evidence of hidden access, data theft, persistence, or destructive behavior.

Safe for normal review use. Be aware that it may activate for broad review or quality-assessment requests, and only run the optional scorer against files you intentionally want reviewed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 95%
Finding: The skill advertises dynamic jury generation, selectable extreme reviewers, and iterative optimization, but its actual behavior is substantially narrower and mostly static. This kind of description-behavior mismatch can mislead users and downstream agents into overtrusting the skill's review depth, causing insecure or low-quality outputs to be accepted on false assumptions about the rigor of the evaluation.

Vague Triggers

Medium
Confidence: 88%
Finding: Overly broad trigger phrases increase the chance that the skill is invoked in unrelated contexts, which can cause prompt-routing errors, unintended interception of user tasks, or inappropriate workflow application. In an agent ecosystem, accidental activation can disrupt expected controls and lead to unreliable or unsafe task handling, especially if users assume the chosen skill was intentionally selected.

VirusTotal

64/64 vendors flagged this skill as clean.