Back to skill

Security audit

OWASP Top 10 AI

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only security guardrail skill that makes the agent more cautious about OWASP LLM risks, with no executable code or hidden access found.

Install this if you want OWASP-style LLM security guardrails. Expect more conservative behavior, including refusals or confirmation prompts around sensitive data, external tools, generated code execution, system prompt requests, and large or open-ended tasks. Review any separately downloaded organization-specific replacement skill before using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.prompt_injection_instructions

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
SKILL.md:33