Team Manager
Security checks across malware telemetry and agentic risk
Overview
This appears to be a simple team productivity skill, with the main caution that it records team response status locally.
Before installing, decide what belongs in state.json, who can access it, and when it should be cleared. Avoid storing sensitive HR, performance, medical, or private personnel details unless your team has an explicit policy for that data.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.