SkillProbe

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be an evaluation tool, not malware, but it deserves review because it instructs agents to execute arbitrary skills for real without adequate sandboxing or approval guidance.

Install only if you will run evaluations in a controlled environment. Use disposable workspaces and test accounts, disable write-capable or external tools when possible, require approval for mutations, avoid evaluating confidential skills unless your configured model provider is acceptable, and verify any separately installed SkillProbe CLI before running the helper script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding
The README explicitly requires real executions of target skills via sub-agents but does not warn that those executions may trigger real external actions, data access, or other side effects. Because this skill is specifically designed to evaluate arbitrary third-party skills, the omission increases the chance that users will run untrusted skill content in live conditions without containment, causing unintended actions during the baseline/with-skill comparison.

VirusTotal

64/64 vendors flagged this skill as clean.