Skillforge

Security checks across malware telemetry and agentic risk

Overview

SkillForge is a small local tool for generating SKILL.md files, with no evidence of hidden data access, persistence, or exfiltration.

Install only if you are comfortable with the listed Python dependencies and run the server locally. Review generated SKILL.md files before publishing, especially when the input instructions come from someone else.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

External Transmission

Medium

Category: Data Exfiltration
Content: ## Generate a SKILL.md ```bash curl -s -X POST http://localhost:8003/v1/forge-skill \ -H "Content-Type: application/json" \ -d '{"name": "My Cool Tool", "description": "Does cool things.", "instructions": "Step 1: Be cool."}' | jq ```
Confidence: 60% confidence
Finding: curl -s -X POST http://localhost:8003/v1/forge-skill \ -H "Content-Type: application/json" \ -d

External Transmission

Medium

Category: Data Exfiltration
Content: ## With optional env vars and bins ```bash curl -s -X POST http://localhost:8003/v1/forge-skill \ -H "Content-Type: application/json" \ -d '{"name": "API Client", "description": "Calls APIs.", "instructions": "Use curl.", "env_vars": ["API_KEY"], "bins": ["curl"]}' | jq '.skill_md' -r ```
Confidence: 60% confidence
Finding: curl -s -X POST http://localhost:8003/v1/forge-skill \ -H "Content-Type: application/json" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal