Security audit

Maverick Process To Skill

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for turning user-approved workflows into reusable local skills, with broad but disclosed automation behavior.

Review generated skills before saving them, especially if the workflow includes customer data, secrets, account changes, financial records, deletions, or public posting. For important systems, ask the agent to show the planned steps and get explicit approval before it runs them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding:
The skill description is very broad and can match many ordinary user requests about explaining, running, automating, or saving workflows. That increases the chance of unintended activation, causing the agent to apply powerful process-execution behavior in contexts where the user did not explicitly request automation or skill creation.

Missing User Warnings

Medium
Confidence: 96%
Finding:
The workflow explicitly tells the agent to 'Execute or automate the process' based on a user's natural-language description, but it does not require risk classification, permission checks, sandboxing, or confirmation before potentially system-impacting actions. In this context, the skill is especially dangerous because it is designed to transform loosely specified business processes into real execution flows, which could include file changes, external actions, or privileged operations if interpreted broadly.

Vague Triggers

Medium
Confidence: 91%
Finding:
The default prompt directs the agent to automate any user-described process and offer to save it as a reusable skill, but it does not define boundaries, approval checks, or safe trigger conditions. In a skill-creation context, this can cause the agent to operationalize vague, unsafe, or privilege-sensitive workflows and persist them for later one-command execution, increasing the chance of misuse or accidental unsafe automation.

VirusTotal

58/58 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.