Back to skill

Security audit

Adversarial Design Review

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed design-review workflow that uses short-lived specialist agents to critique risky systems designs, with no hidden install or persistence behavior found.

Install this if you want a structured multi-agent critique before building risky systems code. Be aware it asks review agents to read relevant project files named in your design brief, so use it on workspaces where that level of code access is appropriate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes phrases like "design review", "before I build", and "review before implementing", which are common expressions that may arise in ordinary conversation outside the narrow intended domain. Although the description mentions risky low-level systems work, the manifest does not clearly constrain activation or provide negative examples to prevent overlap with general software discussions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.