Back to skill

Security audit

SPF Write Plan

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed planning workflow that writes plan files and may hand off to execution only after user choice, with no hidden code, credential access, or automatic execution found.

Install this if you want a skill that creates implementation-plan files in your project. Review generated plans before using them for execution, avoid including secrets in planning files, and prefer an isolated worktree for large or risky changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
This planning skill crosses into execution by embedding commit commands and explicitly routing the user into code-execution sub-skills. That expands the trust boundary from documentation-only behavior into operational behavior, making it easier for a malicious or mistaken plan to directly influence repository changes and downstream execution.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.