Context Product Manager

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only planning skill that reads relevant project files to produce product plans and coding-agent handoffs, with no install scripts or hidden execution behavior.

Before installing, confirm you are comfortable with the agent reading relevant workspace files when preparing repo-aware plans, and with Chinese being the default conversational language. Review any generated handoff before giving it to another automated coding agent.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The invocation description is extremely broad and overlaps with ordinary planning, brainstorming, and coding-prep requests, which can cause the skill to activate in situations the user did not specifically intend. In a delegation/orchestration skill, unintended activation can steer workflows, alter response style, and unnecessarily expose repo-context gathering behavior across a wide set of benign prompts.

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The skill hard-codes communication in Chinese without checking the user's language preference, which can override user intent and degrade transparency, comprehension, and reviewability. In a PM/context-engineering skill that produces specs and agent handoffs, forced language selection can cause misunderstandings in requirements, approvals, and downstream execution.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal