Locksmith Service

Security checks across malware telemetry and agentic risk

Overview

This is a simple locksmith-service guidance skill with no code, credentials, installation hooks, or hidden execution behavior.

Before using it for real-world locksmith help, verify the locksmith’s identity, police registration or licensing where applicable, quoted pricing, insurance coverage, and your authority over the property. Keep valuables secured and supervise any on-site service.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The example requests use highly generic trigger phrases such as '如何快速使用…处理[具体场景任务]' and '有哪些最新玩法/优惠信息', which do not clearly constrain when this skill should activate. In an agent environment, overly broad invocation patterns can cause accidental routing, prompt collisions, or misuse outside the intended locksmith-service context, increasing the chance of unsafe or irrelevant assistance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal