Skill Discovery SEO

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only helper for improving skill metadata and discoverability, with no executable code or hidden access requests.

Reasonable to install for help polishing skill metadata and listing text. Review generated copy before publishing so it does not overstate scope, platform support, trust, or capabilities.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The frontmatter description is extremely broad and explicitly targets many ecosystems, tasks, and phases of the skill lifecycle, which can cause the skill to be selected for loosely related requests. In an agentic environment, overbroad routing language increases the chance of inappropriate invocation, metadata poisoning, or trust inflation where the skill is chosen outside its real competence.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal