Security audit

Improvement Gate

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local quality-gate skill that can roll back candidate changes and manage review records as part of its stated workflow.

Install this only for the intended improvement-gate pipeline. Use a dedicated state root and trusted ranking/execution artifacts, because rollback pointers can change local files and review decisions are persisted locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Low
Confidence: 71%
Finding
The CLI help text omits the implemented 'doubt' layer from the advertised available layers, which can cause users or calling automation to believe they are running the full documented gate set when they are not explicitly selecting it. In a security-sensitive approval pipeline, misleading interface documentation can result in misconfiguration that weakens review coverage and allows speculative or lower-quality changes to advance without the intended screening.

Vague Triggers

Medium
Confidence: 82%
Finding
Broad trigger phrases such as generic gate-check concepts can cause the skill to activate for common requests that were not intended to invoke a stateful quality gate. In this context, accidental activation is more dangerous because the skill is documented to make keep/revert/pending decisions and may restore backups or alter review state.

Vague Triggers

Medium
Confidence: 80%
Finding
Several vague triggers increase the chance of false activation from ordinary quality-review or validation language. Because this skill can influence promotion, rejection, rollback, and human-review workflow state, ambiguous activation expands the attack surface for misrouting user requests into a more privileged decision path.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.