Back to skill

Security audit

Skill Workflow Orchestrator

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a disclosed code-review helper that uses powerful local review commands, with no hidden destructive or unrelated behavior found.

Install this only if you want an automated review helper that can run local review tools and tests. Be aware that its helper defaults to running nested Codex review with full filesystem/sandbox bypass privileges; use its no-yolo option or environment setting if you want normal approval controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill is designed to auto-trigger on broadly described multi-step user requests, but it does not define strict activation boundaries, exclusion criteria, or a gating mechanism before orchestrating downstream skills. In an orchestrator context, this is especially dangerous because a vague trigger can capture benign conversation and escalate it into chained actions involving search, file access, note saving, messaging, or email, increasing the risk of unintended or unsafe multi-tool execution.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.