Back to skill

Security audit

Reality Check

Security checks across malware telemetry and agentic risk

Overview

This appears to be a low-risk decision-support skill, with the main caveat that its broad trigger phrases could activate more often than intended.

Install if you want an agent to challenge plans and assess feasibility. Be aware it may trigger on common critique-oriented phrases, so use explicit wording if you want to avoid accidental reality-check behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are broad enough to activate during ordinary conversation, which can cause the skill to run unintentionally outside a clearly scoped request. In a decision-support skill, accidental invocation can redirect the agent into critique or feasibility analysis at the wrong time, potentially disrupting workflows or overriding the user's intended task flow.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.