Back to skill

Security audit

Proactive Agent Workflow Helper

Security checks across malware telemetry and agentic risk

Overview

This appears to be a documentation-only automation planning skill with overly broad trigger wording but no evidence of hidden execution, data access, persistence, or malicious behavior.

Installers should treat this as a planning and design aid, not an authorization to create recurring automations or monitoring on its own. Review any workflow it proposes before enabling notifications, API integrations, scheduled jobs, or actions that affect business systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill description uses broad terms such as automation, notifications, workflow, and review support that can match many ordinary user requests. This can cause the skill to activate outside its intended scope, leading the agent to apply proactive-monitoring guidance in unrelated contexts and increasing the chance of unintended behavior or prompt-surface expansion.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The listed trigger keywords are too generic to uniquely identify this skill, especially terms like automation, notifications, workflow, and monitoring. Over-broad triggers can cause accidental invocation on routine productivity requests, which may misroute the agent, apply the wrong instructions, and create unnecessary exposure to proactive-action patterns where they were not requested.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The manifest’s default prompt and description encourage broad, proactive workflow design without clearly constraining when the skill should be invoked or what conditions must be met first. Combined with implicit invocation, this can cause the agent to activate in loosely related contexts and propose or initiate workflow actions beyond the user’s intended scope, increasing the risk of overreach, privacy issues, or unwanted automation.

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger sentences are extremely broad and partially malformed, making accidental invocation likely during ordinary conversation. In an agent-routing context, this can cause the wrong skill to activate, leading to confused delegation, unintended automation guidance, or responses that bypass more appropriate safeguards for the user's actual task.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.