Agent Skills

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill about building and evaluating agent skills, with no executable code or hidden installation behavior.

Safe to install as a reference skill. If you copy its integration advice into an agent, avoid exposing full local filesystem paths to the model or users, and test skill descriptions with near-miss negatives so skills do not trigger too broadly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 91% confidence
Finding
The guidance explicitly says to "err on the side of pushy" and to trigger even when the domain is not named, which encourages descriptions that over-match user requests. In an agent skill system where the description is the sole trigger mechanism, this can cause inappropriate skill activation, leading the agent to apply the wrong instructions or expose broader skill content than necessary.

Vague Triggers

Medium, 89% confidence
Finding
The example description tells the system to use the skill even if the user does not explicitly mention the core domain, which makes invocation criteria ambiguous. As a reference example, this pattern is likely to be copied into other skills and can systematically widen trigger scope, increasing false activations and unintended behavior across the ecosystem.

VirusTotal

64/64 vendors flagged this skill as clean.
