Back to skill

Security audit

Prompt Injection Guard

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only defensive skill for prompt-injection protection, with some usability and logging caveats but no evidence of malicious behavior.

Install this if you want an automatic prompt-injection guard, but expect occasional interruptions or false positives because the trigger keywords are broad. If you use its logging guidance, decide where logs are stored, how long they are kept, and how sensitive prompt fragments are redacted. Confirm the publisher/version metadata if provenance matters for your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill is configured with auto_trigger: true and very broad keywords such as 'prompt', 'attack', and their Japanese equivalents, which are common in ordinary discussion. This can cause the guard skill to activate unintentionally during benign conversations, potentially disrupting workflows, creating alert fatigue, or interfering with other skills and agent behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.