Security audit

guild-knowledge

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent with its stated purpose, but users should be aware that its broad auto-triggers can cause it to consult local Guild documents and use web search during ordinary tasks.

Install only if you want an agent to automatically consult Guild-style local experience documents and search the web when related phrases appear. Keep Guild and .learnings files free of secrets, review any proposed document or index updates before approval, and consider narrowing or disabling broad triggers like "build website," "cleanup workspace," and "delete files" if accidental activation would be disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 93%
Finding
The auto-trigger list includes broad, high-frequency phrases such as 'build website', 'cleanup workspace', and 'delete files', which can cause the skill to activate during ordinary requests without clear user intent. Because the skill may then read Guild documents and initiate web-search-driven guidance, this creates unintended behavior, privacy exposure, and possible interference with unrelated workflows.

Missing User Warnings

Medium
Confidence: 89%
Finding
The README promotes mandatory searches for latest information and mentions optional integrations that can capture learnings from conversations, but it does not clearly warn users that prompts, context, or project details may be sent to external search or integration systems. In a skill that auto-triggers and operates on user tasks, missing privacy disclosure increases the risk of inadvertent data sharing without informed consent.

Vague Triggers

High
Confidence: 95%
Finding
The skill is configured with very broad auto-trigger keywords such as 'build website', 'cleanup workspace', 'delete files', and generic terms like 'Guild', causing it to activate on many ordinary requests unrelated to document governance. In an agent setting, over-broad triggering can unexpectedly insert file-reading, search, or workflow steps into unrelated tasks, increasing the chance of unintended access to local documents, unnecessary web lookups, or unsafe operational influence.

Vague Triggers

Medium
Confidence: 89%
Finding
The feature definition says the skill triggers when a user mentions a 'related task' but does not define clear boundaries for what counts as related. This ambiguity makes the skill easier to invoke accidentally or in unintended contexts, especially because the workflow includes automatically reading Guild documents and searching for external information before the user explicitly requests those actions.

Vague Triggers

High
Confidence: 96%
Finding
The skill enables auto-triggering while registering broad, common keywords such as "build website," "delete files," "organize files," and "new technology." This creates a real risk of unintended activation during ordinary conversations, which is especially dangerous because the skill's documented capabilities include reading documents, searching latest information, and potentially influencing file-management or review workflows without explicit user intent.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.