Message Clinic Runner

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed writing workflow that reads a supplied draft, runs a structured rewrite process, and saves one output file.

Safe to install for structured draft-rewriting workflows. Review the dependent BookForge skills if they are also installed, and avoid using confidential drafts unless your agent workspace and model provider are appropriate for that content; expect a file named message-clinic-output.md to be created.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger list is extremely broad and includes generic phrases like 'rewrite this message', 'improve this draft', and 'just fix it', which can cause the skill to activate in situations far outside its intended specialized workflow. This creates prompt-routing risk: the agent may invoke a heavy rewriting/orchestration skill unexpectedly, causing inappropriate transformations, unnecessary file writes, or bypass of a more suitable narrower skill.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The when_to_use section uses vague trigger conditions and insufficient exclusions, which increases the chance of incorrect autonomous selection of this skill. In an agentic environment, poor routing is a real security and safety issue because the wrong skill can read inputs, invoke dependencies, and generate persistent outputs without the user's informed intent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal