Switchboard Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is powerful because it can help with blockchain oracle operations, but its sensitive actions are disclosed and gated by user-defined limits and approvals.

Install this only if you want an agent assisting with Switchboard and blockchain operations. Use read_only or execute_with_approval by default, set strict spend limits and address allowlists, require explicit approval for mainnet, and avoid placing API keys in URLs when headers or secret managers are available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 87%
Finding
The skill describes broad autonomous capabilities but does not define clear activation boundaries or invocation triggers. In an agent environment, ambiguous scope can cause the skill to engage on loosely related prompts and escalate from informational assistance into transaction planning or execution, increasing the chance of unintended sensitive actions.

VirusTotal

66/66 vendors flagged this skill as clean.
