Agriculture

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a broad farm-operations assistant, and the only concern found is that users should keep human control over consequential decisions.

Use this as planning support, not as an autonomous farm manager. Keep a human approval step for financial decisions, purchases, market actions, pesticide or veterinary choices, and any safety-critical equipment or labor decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The skill is defined with a very broad operational scope covering weather, inventory, equipment, labor, livestock, finance, and market decisions, but it does not specify clear invocation boundaries, authority limits, or exclusion conditions. In an agent environment, this can cause overreach into unintended workflows, unsafe autonomous recommendations or actions, and increased exposure to prompt-injection or misuse through overly permissive task interpretation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal