Security audit

Openapi Docs Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation helper for OpenAPI and Swagger work, with no executable code or hidden high-impact behavior found.

Install this if you want help with OpenAPI or Swagger documentation. Be aware it may trigger on broad API or developer-experience wording, so explicitly invoke it for API documentation tasks and review any generated specs or workflow recommendations before applying them to a real service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger sentences are broad enough that the skill may activate for loosely related requests without clear boundaries or exclusion criteria. In an agent setting, overbroad activation can cause inappropriate routing, unintended instruction injection into unrelated tasks, or accidental handling of requests outside the skill's intended OpenAPI-documentation scope.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are very broad and partially templated, so the skill could be invoked in contexts where the user did not clearly request this specific capability. In an agent ecosystem, ambiguous invocation expands the attack surface by increasing unintended tool selection, which can lead to irrelevant actions, context leakage into the skill, or user confusion.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill description uses very broad routing terms such as 'software-and-data' and generic requests for workflows, artifacts, analysis, or implementation support. This can cause the skill to activate for many unrelated engineering tasks, increasing the chance of misrouting users into an OpenAPI-focused workflow that is not appropriate for their request. In a skill-routing system, overbroad activation is a real security and safety issue because it can bypass more suitable specialized skills or inject irrelevant instructions into unrelated contexts.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger examples are phrased in a generic way ('Help me...', 'I need a practical workflow...') without enough unique OpenAPI-specific structure. These examples can bias invocation or matching systems toward selecting the skill for vague requests, which increases false activations and reduces routing precision. The risk is somewhat limited because the surrounding skill content is clearly about API documentation, but the generic examples still weaken boundaries.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation description is very broad and ties the skill to common terms like software, API documentation, and REST API without strong scoping rules. This can cause the skill to trigger in unrelated conversations, leading to inappropriate context injection, user confusion, or overshadowing of a more suitable skill.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The keyword list is ambiguous and lacks scope boundaries or disambiguation logic, so generic terms like 'swagger', 'rest api', or 'developer experience' may match many unrelated requests. In a skill-routing system, this increases the chance of false activation and may steer users into an irrelevant workflow or expose them to unintended instructions.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The default prompt uses a very generic help-oriented activation phrase tied to broad software and API documentation terms, which can overlap with ordinary user requests and cause implicit invocation when the user did not clearly intend to call this skill. Because implicit invocation is enabled, this increases the chance of unintended routing, prompt interference, or over-collection of user context into the skill.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger sentence is broad enough to match ordinary user phrasing such as asking for help with backend or platform documentation work, which can cause the skill to activate in contexts beyond the author's intended scope. Overbroad activation increases the chance of inappropriate routing, prompt injection exposure through unnecessary skill invocation, and user confusion about why this skill was selected.

Vague Triggers

Medium
Confidence
92% confidence
Finding
This trigger sentence is ambiguous because it does not define clear boundaries for when the skill should activate and relies on a vague natural-language pattern that could match unrelated requests. Ambiguous routing can cause the system to invoke the skill unexpectedly, potentially overriding better-matched skills or exposing the model to unnecessary adversarial skill content.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.