PLS Copy Editing

Security checks across malware telemetry and agentic risk

Overview

This is an unfinished copy-editing skill template with no code or sensitive access, so the main risk is that it may not be useful or well scoped.

Install only if you understand this appears to be a placeholder rather than a finished copy-editing skill. It should be updated with clear copy-editing scope, supported document types, and out-of-scope cases before relying on it for real work.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 98% confidence
Finding: The manifest description is only a TODO placeholder and does not specify when the skill should be invoked, what inputs it applies to, or what boundaries it should respect. In an agent setting, ambiguous activation guidance can cause the skill to trigger in inappropriate contexts or be overlooked when needed, which weakens safety and reliability even though it is not directly exploitable like code execution.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal