Back to skill

Security audit

Work Productivity Skill Vetter Workflow Helper

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only workflow helper with overly broad activation wording, but it does not install code, request credentials, persist, or perform hidden actions.

Install only if you want a general Skill Vetter workflow helper. Be aware that its broad trigger words may cause accidental activation for unrelated security, GitHub, or bug-fix requests; prefer explicit invocation by skill name if your agent supports it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger examples are broad, generic phrases that can match ordinary user requests such as asking for help with security, GitHub, bug fixes, or practical workflows. In an agent-routing context, this can cause the skill to activate unexpectedly, diverting unrelated requests into this workflow and potentially exposing users to unintended instructions or analysis paths.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases are broad and include generic terms such as 'security', 'first', and 'github', which can cause the skill to activate in unrelated conversations. In an agent environment, over-broad activation can route sensitive or unintended tasks into this workflow, increasing the chance of incorrect handling, prompt interference, or user confusion about which skill is operating.

Vague Triggers

High
Confidence
96% confidence
Finding
The skill description includes very broad activation language such as 'security' and 'first' that can match many ordinary requests unrelated to this specific workflow. Over-broad routing can cause the wrong skill to activate, leading to irrelevant or lower-safety guidance being applied in contexts where a more specialized skill should handle the request.

Vague Triggers

High
Confidence
98% confidence
Finding
The trigger keyword list contains generic terms including 'security', 'first', 'before', 'github', and 'bug fix' without qualifiers. In an agentic environment, such vague triggers can hijack many unrelated user requests, causing unintended tool or skill selection and increasing the chance of unsafe or incorrect workflow application.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The example trigger sentences are unnatural and do not clearly show when the skill should or should not be invoked. Poor examples weaken boundary-setting for downstream routing systems and maintainers, making accidental activation more likely and reducing confidence that the skill will be used only for its intended security-adjacent niche.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger keywords are extremely broad, including generic terms like "security", "first", "before", "github", and "bug fix", which can cause the skill to activate in many unrelated conversations. This creates an overbroad routing condition that may unexpectedly inject this skill's workflow into contexts where it was not intended, reducing reliability and potentially interfering with safer or more appropriate skills.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The activation description says to use the skill for broad classes of requests such as work-productivity, security, analysis, or implementation support, without defining concrete boundaries. This ambiguity increases the chance of accidental invocation in unrelated tasks, which can misroute user requests and cause unintended handling of sensitive or security-adjacent prompts.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The example trigger phrases are malformed, truncated, and inconsistent, so they do not provide dependable invocation guidance. Poor examples make activation behavior less predictable for users and maintainers, increasing the chance of accidental or failed triggering and undermining trust in the routing logic.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The default_prompt and description are broad and keyword-heavy, which increases the chance of implicit or unintended invocation for loosely related requests such as 'security', 'first', or generic workflow help. Because the policy explicitly allows implicit invocation, the ambiguity materially raises the risk that the skill activates outside its intended scope and influences user interactions unexpectedly.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger sentence begins with a very broad everyday phrase ('Help me') combined with generic security/productivity wording, which can cause the skill to activate in many unrelated conversations. In an agent environment, unintended invocation can route user requests into the wrong workflow, producing irrelevant actions or analyses and increasing the chance of unsafe automation or confusing results.

Vague Triggers

Medium
Confidence
90% confidence
Finding
This trigger remains ambiguous because it uses broad natural-language phrasing ('I need a practical workflow for...') without a clear activation boundary or unique discriminator. That makes accidental matching likely, especially since the skill covers common topics like security, GitHub, bugs, and workflows, so unrelated user requests could invoke it unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.