Requirement Validator 是一个数据驱动的需求验证工具，通过多维度分析帮你判断需求是否值得实现。

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for requirement validation, with only a minor invocation-scoping concern around asking users for uploaded feedback data.

Install only if you are comfortable sharing the specific requirements and feedback data needed for analysis. Avoid uploading sensitive internal datasets unless you intend them to be processed, and prefer invoking the skill explicitly for requirement validation tasks.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The interactive example uses a broad natural-language trigger phrase, which increases the chance of accidental or unintended invocation during ordinary conversation. Because this skill solicits user data uploads and performs analysis, surprise activation could cause unnecessary data exposure or confuse users into sharing sensitive internal feedback datasets.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal