Kai Master Builder

Security checks across malware telemetry and agentic risk

Overview

This appears to be a broad project-execution skill with disclosed automation behavior, but users should only enable it when they want that level of file and workflow control.

Install only if you want a skill that can help run broad development workflows and persist project state. Keep normal agent approval prompts on, review file changes before accepting them, and enable cron or unattended operation only for a workspace you are comfortable automating.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill is scoped so broadly that it can be invoked for many generic development requests, increasing the chance it activates in situations the user did not explicitly intend. Because it is positioned to guide building, planning, and execution across arbitrary projects, it can expand an agent's authority and create unsafe or surprising file-modifying behavior.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly supports autonomous execution, iterative code changes, task state mutation, changelog updates, and cron-driven operation, but it does not include strong user-facing warnings, confirmation gates, or constraints on system impact. In practice, this can lead to unattended code changes, accidental overwrites, or persistent automation running beyond the user's expectations.

VirusTotal

60/60 vendors flagged this skill as clean.