Implementation Planner

Security checks across malware telemetry and agentic risk

Overview

This is a simple planning helper with no executable code or hidden access; its only notable issue is malformed activation metadata.

Install this only as a planning aid, not an automation or deployment tool. Ask the publisher to replace the malformed System.Object[] trigger with explicit implementation-planning activation phrases so the skill runs only when intended.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 96% confidence
Finding: This manifest includes a triggers section, but the value is just `System.Object[]`, which does not define any concrete activation phrases or scope. Because the trigger conditions are effectively unspecified, it is unclear when the skill should activate versus not activate, matching the vague-trigger category for manifest files.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal