New House

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is confusingly written, but the artifact does not show system access, credential use, persistence, or harmful behavior.

Install only if you are comfortable with a poorly scoped guidance skill. Verify any housing listings, sales-office appointments, purchase policies, mortgage calculations, queue status, or offers against official property, government, lender, or merchant sources before acting.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Description-Behavior Mismatch

High

Confidence: 96% confidence
Finding: The manifest advertises a new-house skill, but the body documents restaurant/store-discovery behaviors such as queue status, electronic ticket numbers, and merchant visit notes. This mismatch can cause the agent or users to invoke the skill under false assumptions, enabling capability confusion, misrouting of sensitive housing-related queries, and potentially unsafe downstream actions such as wrong bookings or collection of irrelevant location/consumer data.

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The title and heading indicate a real-estate/new-house skill, but the listed features describe merchant queueing, store exploration, and review aggregation. In an agent ecosystem, contradictory intent increases the risk of privilege or context misuse because orchestration may select this skill for housing workflows while the implementation/documentation points to unrelated consumer-service actions.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The example trigger phrases are so generic that they could match almost any task, which makes invocation boundaries unclear. Overbroad triggers increase accidental activation and can cause the agent to use this mismatched skill in inappropriate contexts, compounding the domain-confusion issues already present in the file.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal