Back to skill

Security audit

Alex

Security checks across malware telemetry and agentic risk

Overview

This is a simple research-assistant skill that asks the agent to search the web and cite sources, with no hidden installer, persistence, credential access, or destructive behavior found.

This skill is reasonable to install for general web research. Because it always searches the web, avoid giving it confidential topics or private business details unless you are comfortable with those search queries being sent to external search providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.prompt_injection_instructions

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
SKILL.md:3