Back to skill

Security audit

Work Productivity Ontology Typed Workflow Helper

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only workflow helper with overly broad activation wording, but no evidence of hidden code, credential access, persistence, exfiltration, or destructive behavior.

Install only if you want a broad workflow-planning helper for ontology-style productivity work. Because implicit invocation and generic keywords are enabled, consider invoking it explicitly or narrowing its triggers if you do not want it to handle unrelated knowledge, graph, workflow, creation, or bug-fix requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger phrases are broad enough to match many ordinary user requests about productivity, workflows, or bug fixing, which can cause the skill to activate outside its intended scope. Overbroad activation can misroute user tasks, override more appropriate skills, and increase the chance that unrelated prompts are handled under this skill's assumptions.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The activation guidance does not define clear boundaries for when the skill should and should not be used, leaving routing decisions ambiguous. In agent ecosystems, ambiguous scope can lead to accidental invocation, task capture from unrelated domains, and unreliable behavior that may bypass safer or more specialized skills.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrases are broad and map to common requests like needing a practical workflow or help with bug fixing, which can cause the skill to activate in situations far beyond its intended scope. In an agent ecosystem, overbroad activation can route unrelated user tasks into this skill, leading to incorrect handling, privilege overreach, or increased exposure to prompt-injection content embedded in normal conversations.

Vague Triggers

High
Confidence
96% confidence
Finding
The skill description is broad enough to match many routine requests about productivity, knowledge, graphs, workflows, or implementation support, which can cause the agent to invoke this skill outside its intended niche. Over-broad routing increases the chance of incorrect delegation, reduced answer quality, and accidental overshadowing of more appropriate or safer skills.

Vague Triggers

High
Confidence
98% confidence
Finding
The keyword list contains very generic terms such as 'knowledge', 'graph', 'structured', 'creating', and 'bug fix', any of which may appear in unrelated user requests. In systems that use trigger matching for tool or skill selection, this can cause frequent false activations and misrouting, potentially bypassing better-scoped skills and creating unsafe or confusing behavior.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The example triggers are vague, natural-language phrases that resemble ordinary help requests and do not clearly distinguish this skill from general assistance. These examples can implicitly encourage permissive matching behavior and expand the activation surface beyond the skill's real competency.

Vague Triggers

High
Confidence
93% confidence
Finding
The trigger keywords are very broad and include generic terms like "knowledge", "graph", "structured", and "creating", which can overlap with many unrelated user requests. This can cause the skill to activate outside its intended scope, leading to incorrect routing, reduced reliability, and accidental application of workflow guidance in irrelevant contexts.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description says to use the skill for broad categories such as work-productivity, ontology, typed, knowledge, and graph, but it does not define clear boundaries or exclusions. Ambiguous activation criteria increase the chance of misuse or over-triggering, especially in agent environments where routing may be automated.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The default prompt contains a very broad activation phrase tied to common productivity and workflow language, which can cause the skill to be invoked in many ordinary user requests that were not meant to use this agent. Over-broad matching increases the chance of unintended routing, exposing users to unexpected behavior and making prompt-injection or policy-confusion attacks easier to trigger through normal conversation.

Vague Triggers

High
Confidence
97% confidence
Finding
Enabling implicit invocation without strict trigger constraints allows the platform to auto-select this skill from ambiguous user input. In a broadly described productivity/ontology context, this can lead to frequent unintended activation, cross-skill confusion, and increased attack surface because malicious or malformed prompts may reach the skill without deliberate user selection.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger sentence begins with a very broad everyday phrase ('Help me') tied to a long natural-language requirement, which increases the chance that ordinary user prompts will unintentionally activate this skill. In an agent ecosystem, unintended activation can route tasks to the wrong workflow, causing confusing behavior, unsafe automation chaining, or unexpected use of this skill when the user did not explicitly request it.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.