Back to skill

Security audit

Anti-hype Filter

Security checks across malware telemetry and agentic risk

Overview

This is a text-only skill that helps rewrite hype-heavy claims into more verifiable language and does not request sensitive access or run code.

Safe to install for reviewing promotional or speculative language. Users should treat its output as a writing and risk-framing aid, not as financial, legal, or moderation authority, and should be aware that broad trigger words may activate it more often than expected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The manifest trigger list contains generic terms such as "hype," "moon," "guaranteed," "urgency," and "alpha" without any scope limitations or exclusion conditions. In a manifest file, these broad single-word triggers can overlap with common conversation and make it unclear when the skill should activate versus remain inactive.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.