Back to skill

Security audit

Hurricane Problem Solver

Security checks across malware telemetry and agentic risk

Overview

This is a text-only problem-solving skill that guides root-cause analysis and does not request private data access, commands, persistence, or account authority.

Safe to install as a structured thinking aid. Because its triggers are broad, use manual invocation or disable it if you want tighter control, and treat outputs as analysis support rather than expert legal, medical, financial, or security advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger examples are very broad and map to common conversational requests like 'Help me solve this problem' and 'Untangle this.' In an agent routing system, this can cause the skill to activate for a wide range of ordinary prompts, creating overreach, misrouting, and an increased chance that this forceful investigative behavior overrides more appropriate domain-specific or safety-constrained skills.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.