Openapi Docs Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a non-executable OpenAPI documentation helper, with some overly broad activation wording but no evidence of hidden access, persistence, data exfiltration, or destructive behavior.

This appears reasonable to install if you want OpenAPI or Swagger documentation help. Be aware that its trigger wording is broad and implicit invocation is enabled, so it may activate on some general API-documentation conversations; use explicit invocation or disable implicit invocation if you want tighter control.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (10)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger sentences are generic and map to common API-documentation requests, which can cause the skill to activate in situations the user did not explicitly intend. In an agent environment, over-broad activation can route unrelated or sensitive requests into this skill, increasing the chance of incorrect handling, prompt cross-contamination, or unnecessary exposure of user context.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrases are broad and generic enough that the skill could activate on loosely related requests, causing unintentional routing or overreach. In an agent system, ambiguous activation increases the chance that the skill handles requests outside its intended scope and may influence outputs when the user did not explicitly ask for it.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill description and activation guidance are broad enough to match many requests that mention generic API or software-and-data terms, even when the user does not want OpenAPI documentation help. Over-broad routing can cause inappropriate skill activation, leading to irrelevant instructions, accidental context capture, or steering the assistant away from the user's actual intent.

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The keyword list contains generic phrases such as 'software-and-data' and broad API-related terms that lack scope constraints. This increases the chance of false activations for unrelated development queries, which can degrade isolation between skills and make prompt-routing behavior easier to manipulate.

Vague Triggers

Low

Confidence: 88% confidence
Finding: The example triggers are malformed, truncated, and do not establish clear activation boundaries, which makes matching behavior ambiguous. Ambiguous trigger examples can broaden routing unpredictably and make the skill fire on partial or unrelated text patterns.

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill description and usage conditions are broad enough that it may activate for many ordinary API-related conversations, even when the user did not intend to invoke this specific skill. Over-broad activation can cause inappropriate routing, irrelevant instructions, or unwanted disclosure/processing of context, which is a real security and reliability issue in agentic systems.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The keyword list includes generic terms like 'software-and-data' and broad API/documentation phrases without contextual constraints, making accidental triggering likely. In an agent environment, this increases the chance that the wrong skill takes control of a conversation and produces actions or guidance outside user intent.

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The default prompt uses a very broad natural-language trigger phrase covering common topics like software, data, OpenAPI, Swagger, API documentation, and REST APIs. Combined with implicit invocation, this increases the chance the skill is auto-selected during ordinary conversation, potentially routing user input to the skill unexpectedly and causing prompt-scope confusion or unintended tool use.

Vague Triggers

High

Confidence: 96% confidence
Finding: The trigger text is broad and malformed enough that an agent may invoke this skill for ordinary conversation that merely mentions help, APIs, or documentation. Over-broad activation can cause unintended routing, prompt-scope expansion, and increased exposure to adversarial user content that was not actually requesting this capability.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The invocation guidance lacks clear boundaries and includes ambiguous, malformed trigger phrases, which makes accidental or adversarial invocation more likely. In an agent system, unclear dispatch rules can be exploited to steer requests into a skill with a broader instruction set than intended, weakening routing integrity.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal