Search Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is for finding and installing other skills, but it encourages broad activation and a global install command that skips confirmation for third-party content.

Review any skill and publisher before installing it. Prefer installing only after an explicit package choice and confirmation, avoid `-y` unless you intentionally want to skip prompts, and use global installs only when you want the skill to affect future agent sessions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The skill's activation criteria are very broad ('how do I do X', 'can you do X'), which can cause the agent to invoke this skill for many ordinary requests. In context, that broad routing is risky because the skill encourages discovery and installation of third-party skills, increasing exposure to unnecessary package search and install flows when a direct answer would have been safer.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The markdown recommends `npx skills add <owner/repo@skill> -g -y`, which both installs globally and suppresses confirmation for third-party content without warning about trust, review, or system-wide impact. In a skill-discovery context, this materially raises the risk of silently installing unreviewed code or configuration from external sources, potentially affecting the user's environment beyond a single project.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal