Learn Graph

Security checks across malware telemetry and agentic risk

Overview

This is a simple learning-guidance skill with no code, credentials, persistence, or external data access.

Install if you want an agent to help structure learning plans with concept maps. Expect it may activate for broad learning-path questions; users who only want a quick explanation may prefer not to invoke this skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill description is broad enough to match many generic learning and planning requests, which can cause over-triggering and inappropriate activation instead of a more suitable skill. In an agent system, ambiguous routing increases the chance of incorrect behavior, degraded user experience, and accidental invocation across unrelated educational contexts.

Vague Triggers

Low

Confidence: 82% confidence
Finding: The usage guidance says to use the skill when a user wants to systematically enter a new field or feels their learning is unsystematic, but it does not define concrete activation criteria. That ambiguity can lead the agent to invoke this skill too often, especially for ordinary learning questions that do not require graph construction.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal