Axodus Backend Architecture

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only backend architecture helper with a malformed trigger field but no evidence of hidden actions, credential access, code execution, or persistence.

Safe to install for backend design guidance. The maintainer should replace the malformed trigger value with explicit activation phrases so the skill only activates in the intended backend architecture contexts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger configuration is effectively unspecified, using a generic serialized type marker instead of concrete activation phrases or constraints. This can cause the skill to activate unpredictably or be matched too broadly, increasing the chance of unintended invocation and unsafe routing of user requests in systems that rely on trigger specificity for control.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal