TrustSkills

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill that gives a limited provenance check for skill sources and does not request code execution, credentials, persistence, or local access.

Use this as a first-pass source check only. A Trusted result means the source matches this skill's allowlist, not that the specific skill code, permissions, maintainer account, or future updates are safe; review the artifact itself before installing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill defines broad natural-language trigger phrases such as general trust questions, not just the explicit `/trustskills <url>` command. In systems that auto-route based on semantic matching, this can cause unintended invocation and let this skill override or intercept broader security, installation, or repository-analysis requests with a shallow allowlist-based trust decision.

Vague Triggers

Medium
Confidence: 92%
Finding
The repeated example requests reinforce ambiguous semantic triggers without sufficient scope boundaries, increasing the chance that the orchestrator invokes this skill whenever a user asks if something is 'official' or 'trusted'. Because the skill itself explicitly does not perform deep verification, accidental routing could produce overconfident trust guidance in contexts requiring fuller security review.

VirusTotal

64/64 vendors flagged this skill as clean.
