Report Outline

Security checks across malware telemetry and agentic risk

Overview

This instruction-only report-planning skill is coherent; its main caution is that it may save a Markdown file and should use a user-approved location.

Before using it, specify where the Markdown report plan should be saved and review the generated path. Use the parallel research option only when the outline is appropriate to share across multiple agents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 88% confidence
Finding: The skill explicitly instructs the agent to save a generated file to disk and present a path to the user, but it does not require confirmation, clarify where writes are permitted, or constrain the destination to a safe workspace. In an agent setting, implicit file-write instructions can lead to unintended filesystem modifications, overwriting existing notes, or writing sensitive content to an inappropriate location without the user's informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal