Back to skill

Security audit

Prompt Craft - 提示词工程与多代理编排设计规范

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only prompt-design skill whose main issue is broad activation, not data access or code execution.

Install this if you want guidance for writing skills, prompts, or multi-agent designs. Review its broad trigger wording if you have other agent-development skills installed, because it may influence adjacent meta-design tasks more often than intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill description says it auto-loads for broad requests like writing new skills, optimizing prompts, designing sub-agent topologies, or debugging orchestration. These phrases are common in legitimate conversations and overlap with other agent-development tasks, so the skill may activate too often and influence workflows outside its intended scope. Because this skill prescribes prompt structure and orchestration behavior, over-activation can cause unintended prompt injection into unrelated tasks and misroute control between skills.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The trigger guidance in the integration section is underspecified: it tells the system to load the skill when users ask to 'write skill', 'optimize prompt', 'design agent', or 'orchestration topology', but it does not clearly define when not to activate. It also relies on informal boundary text with another skill, which is not a robust gating mechanism. This can lead to ambiguous or incorrect skill selection, causing prompt contamination, workflow hijacking, or suppression of the actually appropriate skill.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.