Back to skill

Security audit

Improvement Gate

Security checks across malware telemetry and agentic risk

Overview

The skill mostly fits a quality-gate workflow, but it has under-disclosed authority to modify local files during rollback and uses broad triggers that could activate it outside that workflow.

Install only if you want this skill operating inside a trusted improvement pipeline. Use trusted ranking and execution artifacts, keep the state root project-scoped, and verify rollback pointers before running gate.py. Consider narrowing the triggers before publishing or installing broadly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrase "human review" is very generic and likely to appear in ordinary conversations unrelated to this specific gate skill. That can cause unintended skill activation, pulling the agent into a workflow involving review queues, gate decisions, or stateful approval operations when the user did not intend to invoke this tool.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger "待审批" is highly generic in Chinese and can match many normal approval-related requests outside this skill's intended scope. This increases the chance of accidental invocation and context confusion, which is especially risky because the skill is designed to influence pass/reject/pending decisions and human-review queue handling.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.