Agent-Skills-for-Context-Engineering

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent context-compression guidance with a local evaluation script; its main risk is that users may include sensitive conversation details in summaries or optional judge evaluations.

Reasonable to install for context-compression workflows. Treat generated summaries as potentially sensitive because they may preserve file paths, user goals, decisions, and excerpts from prior conversation. If you adapt the LLM-judge example, review and redact compressed context before sending it to any external model provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The production example shows sending the probe, model response, and compressed context to an external LLM judge. Because this component evaluates compressed conversation history, those fields may contain sensitive user data, prior prompts, file contents, secrets, or internal reasoning context; the code provides no minimization, redaction, consent, or disclosure controls around that transfer. In a context-compression skill, this is more dangerous than usual because the very purpose of the module is to process and score conversation history, increasing the likelihood that broad session content is forwarded wholesale.
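The mitigation the overview recommends (review and redact compressed context before it reaches an external provider) and the controls this finding says are missing (minimization, redaction, a gate for disclosure) can be put in front of the judge call. The following is an added example written for this review, not code from the skill or from SkillSpector. The secret patterns, the field names `probe`, `response` and `compressed_context`, the character budget, and the sample session summary are all assumptions constructed for illustration; a real deployment would tune the patterns to its own environment.

```python
import re
from typing import Dict, List, Tuple

# Assumed patterns for material that should not leave the local environment.
# Order matters: whole private-key blocks are removed before the narrower
# patterns run, and a replacement token never re-matches a later pattern.
SECRET_PATTERNS: List[Tuple[str, re.Pattern, str]] = [
    ("private_key",
     re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.S),
     "[REDACTED:private_key]"),
    ("aws_access_key", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "[REDACTED:aws_access_key]"),
    ("bearer_token",
     re.compile(r"\bBearer\s+[A-Za-z0-9\-._~+/]{16,}=*", re.I),
     "[REDACTED:bearer_token]"),
    # Keeps the "name =" part, replaces only the value; the value class excludes
    # "[" so an already-inserted [REDACTED:...] token is not matched again.
    ("assignment_secret",
     re.compile(r"\b((?:api[_-]?key|secret|token|password)\s*[=:]\s*['\"]?)([^\s'\"\[]{8,})", re.I),
     r"\1[REDACTED:assignment_secret]"),
    ("home_path", re.compile(r"(?:/home/|/Users/|C:\\Users\\)[A-Za-z0-9._-]+"), "[REDACTED:home_path]"),
    ("email", re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b"), "[REDACTED:email]"),
]

# Categories whose presence means the compressed context carried a credential,
# which should trigger a human look before anything is sent.
HIGH_RISK = {"private_key", "aws_access_key", "bearer_token", "assignment_secret"}


def redact(text: str) -> Tuple[str, Dict[str, int]]:
    """Apply every pattern; return the cleaned text and per-pattern hit counts."""
    counts: Dict[str, int] = {}
    for name, pattern, replacement in SECRET_PATTERNS:
        text, n = pattern.subn(replacement, text)
        if n:
            counts[name] = n
    return text, counts


def build_judge_payload(probe: str, response: str, compressed_context: str,
                        max_context_chars: int = 2000) -> Tuple[Dict[str, str], Dict[str, Dict[str, int]]]:
    """Redact all three fields and cap the context (minimization) before any external call."""
    payload: Dict[str, str] = {}
    report: Dict[str, Dict[str, int]] = {}
    for field, value in (("probe", probe), ("response", response),
                         ("compressed_context", compressed_context)):
        clean, counts = redact(value)
        if field == "compressed_context" and len(clean) > max_context_chars:
            clean = clean[:max_context_chars] + " [TRUNCATED]"
            counts["truncated"] = 1
        payload[field] = clean
        report[field] = counts
    return payload, report


def needs_human_review(report: Dict[str, Dict[str, int]]) -> bool:
    """True when any field contained a credential-class hit."""
    return any(k in HIGH_RISK for counts in report.values() for k in counts)


def verify_clean(payload: Dict[str, str]) -> bool:
    """Final gate: a second redaction pass must find nothing."""
    return all(not redact(v)[1] for v in payload.values())


# Constructed sample: the kind of compressed session summary the skill produces.
PROBE = "Which file is the user editing and what is the next step?"
RESPONSE = "The user is editing /Users/alice/proj/deploy.py and will write a migration plan next."
SAMPLE_CONTEXT = (
    "Summary of session so far:\n"
    "- User (alice@example.com) is editing /Users/alice/proj/deploy.py\n"
    "- Decision: rotate the key; current value api_key = sk_live_0123456789abcdef\n"
    "- Curl used: Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.payload.signature\n"
    "- AWS key seen in env dump: AKIAABCDEFGHIJKLMNOP\n"
    "- Next step: write the migration plan.\n"
)

if __name__ == "__main__":
    payload, report = build_judge_payload(PROBE, RESPONSE, SAMPLE_CONTEXT)
    print(payload["compressed_context"])
    print("report:", report)
    print("needs human review:", needs_human_review(report))
    print("clean for transmission:", verify_clean(payload))
```

`build_judge_payload` is the only thing that should hand data to the external judge; `needs_human_review` is the disclosure control (a credential in a summary is a sign the upstream compression kept too much), and `verify_clean` is the last check before the network call. The patterns are deliberately conservative and will miss secrets in unusual formats, so they complement, rather than replace, keeping credentials out of the conversation in the first place.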

VirusTotal

66/66 vendors flagged this skill as clean.
