Back to skill

Security audit

python-ai-course

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only AI course tutor skill with overbroad auto-activation language, but no hidden code, installer, credential handling, persistence, or destructive behavior.

Install this if you want a prescriptive AI learning coach. Be aware it may activate on broad AI-learning questions and push a fixed assessment-first workflow; for quick factual AI questions, you may need to ask the assistant not to use this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence
96% confidence
Finding
The metadata description says the skill should auto-activate for very broad intents like 'systematically learn AI', 'learn LLM/RAG/Agent/deep learning', and general AI career growth. These phrases overlap heavily with ordinary conversation, making accidental routing likely and allowing the skill to seize control in contexts where the user did not explicitly request this rigid workflow. In a skill system, overbroad activation can suppress user choice, cause prompt hijacking of benign conversations, and force unrelated behavior such as mandatory assessments and fixed teaching flows.

Vague Triggers

High
Confidence
98% confidence
Finding
The skill explicitly uses a 'match then automatically activate' model and says no extra confirmation is needed. That removes an important safety and UX boundary: the user may ask a narrow question, but the skill can immediately impose a full standardized process, including mandatory profiling and testing. This is dangerous because it increases the chance of unwanted takeover and makes it easier for the skill to override the host assistant's normal intent handling.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The listed trigger phrases include generic requests such as 'learn machine learning', 'what is a large model', 'AI interview prep', and 'help me learn AI', which are too broad to uniquely identify this skill. In practice, these broad patterns can capture many unrelated or lightweight requests and funnel them into a highly prescriptive behavior set. The danger is contextual misrouting rather than direct code execution, but it still meaningfully affects user autonomy and system reliability.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.