AANA Tool Use Gate Skill

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only safety checklist for reviewing risky tool use, with no executable code or hidden access.

Install this if you want stricter review before tool use. Expect the agent to ask for confirmation more often around private data, external sends, destructive actions, production systems, and payments. If you configure an external checker, use a trusted one and keep review payloads redacted; the example file should be corrected for clarity.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Finding 1: Autonomous Decision Making

Severity: Medium
Category: Excessive Agency
Confidence: 85%
Matched text: "bypass consent"

Content that triggered the finding (skill text listing when the agent must pause):
- the user did not authorize a risky action,
- the target scope is ambiguous,
- the tool could harm unrelated files, accounts, systems, or people,
- the action would bypass consent, policy, review, or safety boundaries,
- the request involves credential theft, fraud, evasion, harassment, exfiltration, or unauthorized access,
- a qualified professional, administrator, or verified system must review the action first.

Finding 2: Scope Creep

Severity: Low
Category: Excessive Agency
Confidence: 75%
Matched text: "expand scope"

Content that triggered the finding (skill text listing when the agent should not use a tool):
- the answer can be given from already available evidence,
- the tool would collect private data not needed for the task,
- the user asked for a conceptual explanation only,
- the tool would expand scope beyond the user request,
- a lower-risk tool or read-only step is enough.

Prefer:

VirusTotal

64/64 vendors flagged this skill as clean.
