Find Skills (Robin's Fork)

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent, but it encourages broad third-party skill discovery and a global auto-confirm install path that can persistently change the user’s agent.

Install only if you want the agent to search external skill sources and possibly add persistent new skills. Before any install, review the skill source and command, avoid `-y` unless you intentionally want to skip prompts, and prefer scoped installs over global installs when available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (80% confidence)

Finding
The trigger criteria are broad enough to activate on many ordinary 'how do I do X' requests, causing the skill to steer users toward searching/installing third-party skills when they may have only wanted direct help. In this skill's context, that increases exposure to unnecessary package discovery and potential installation flows, expanding the trusted computing base and creating social-engineering risk.

Missing User Warnings

Medium (94% confidence)

Finding
The skill instructs use of `npx skills add <owner/repo@skill> -g -y`, which performs a global install and suppresses confirmation prompts without prominently warning the user. In a skill-discovery context, this is especially risky because it turns a search/recommendation flow into a low-friction installation path for third-party code, increasing the chance of accidental or socially engineered installs.

VirusTotal

66/66 vendors flagged this skill as clean.