Security audit

3Q-quality-system

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed quality-review workflow skill with no executable code, credentials, or hidden data access, though some trigger phrases are broad enough to cause accidental activation.

Install if you want an AI quality-control checklist and decision-review framework. Be aware that common Chinese review terms may activate it unintentionally, and deep checks or blind review may add time and token cost; use explicit 3Q phrasing when you want predictable activation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 92%
Finding: Several triggers are broad everyday phrases, which can cause the skill to activate unexpectedly during normal conversation. Because this skill imposes process constraints like mandatory checks, scoring, and blind review steps, accidental activation could derail unrelated tasks, alter agent behavior, or create prompt-routing interference.

Vague Triggers

Medium
Confidence: 90%
Finding: The usage guidance encourages activating the skill through common natural-language requests without defining when the skill should not trigger. That increases the chance of unintended invocation and makes the skill more likely to hijack ordinary review, planning, or discussion prompts that mention similar concepts.

Overly Broad Trigger

Low
Category: Trigger Abuse
Confidence: 95%
Finding: '预检' is a short, generic term that can appear in many unrelated user requests, making accidental activation likely. In an agent ecosystem, broad triggers can redirect task flow and apply the skill's constraints in contexts where the user did not intend to invoke it.

Overly Broad Trigger

Low
Category: Trigger Abuse
Confidence: 94%
Finding: '盲审' is a common domain term rather than a distinctive skill invocation, so it may match ordinary discussion about reviews or audits. The main risk is unintended skill activation and prompt-routing confusion rather than direct data compromise.

Overly Broad Trigger

Low
Category: Trigger Abuse
Confidence: 94%
Finding: '六问' is too short and semantically broad to safely serve as a standalone trigger. It can easily appear in unrelated content and cause the skill to engage when the user is merely referencing a concept, not requesting this specific framework.

Overly Broad Trigger

Low
Category: Trigger Abuse
Confidence: 95%
Finding: '自审' is a generic phrase widely used in ordinary requests, so it creates a substantial risk of false activation. Because the skill changes workflow behavior and can enforce deeper review steps, accidental triggering may waste resources or interfere with unrelated instructions.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.