Credibility Evidence Selector

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only writing aid for choosing credible evidence, with no executable code, credential access, persistence, or hidden data movement.

Before installing, expect this skill to read relevant drafts, claims, testimonials, and proof-point notes, then write a credibility plan. Avoid giving it private customer details unless needed, and independently verify statistics, quotes, testimonials, and customer claims before publishing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The manifest and documentation repeatedly frame this as an offline, prose-artifact skill that ranks existing evidence rather than performing external research. Line L167 introduces a concrete expectation of internet-based verification via Google search, which is a behaviorally different capability from merely selecting among supplied evidence.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal