Tools Litiao

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only preference skill with broad tool-selection wording, but no executable code, hidden access, or credential handling was found.

Install only if you want the agent to remember your preferred tools and suggest alternatives. Periodically review saved preferences, do not store secrets there, and require confirmation before using unfamiliar or high-impact tools.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Unrestricted Tool Access

Medium

Category: Excessive Agency
Content: ## Adaptive Tool Intelligence You can use ANY tool. Learn new ones instantly. This skill tracks user preferences, not your limits. **Rules:** - Default to user's known tools when they exist
Confidence: 87% confidence
Finding: use ANY tool

Self-Modification

High

Category: Rogue Agent
Content: # Criteria for Tool Preferences Reference only — consult when deciding whether to update SKILL.md. ## When to Add to Stack
Confidence: 90% confidence
Finding: update SKILL

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal