Security audit

prompt-engineer

Security checks across malware telemetry and agentic risk

Overview

This is mostly a prompt-engineering reference skill, but it includes an unsafe agent calculator example that could run arbitrary code if copied into a real tool.

Install only if you treat it as general reference material. Do not copy the Calculator tool example as written; replace eval with a safe arithmetic parser or vetted calculator tool, and review any copied API, search, embedding, or vector-store examples before using private data or credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
The calculator tool executes untrusted input with Python eval, which enables arbitrary code execution if an attacker can influence the tool input. In an agent setting, LLM-generated or user-supplied text may reach this path, making code execution especially dangerous because it can lead to command execution, file access, or secret exfiltration.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding:
The skill description is broad enough to match many loosely related requests, which can cause the agent to invoke this skill outside its intended scope. Overbroad routing increases the chance of inappropriate capability exposure, prompt cross-contamination, or selection of a specialized skill in contexts where stricter or safer skills should have been used.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.