Mi Habilidad Nueva

Security checks across malware telemetry and agentic risk

Overview

This is a simple always-on welcome/persona skill with no code or tool instructions, though users should verify its server and capability claims are accurate.

Install this only if you want Santi-branded, always-on greeting behavior in the workspace. Confirm that the Ubuntu server statement and listed capabilities are true for your assistant, especially the file-management claim, because users may treat those statements as factual.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The skill activates on any formal or informal greeting, which is overly broad and can cause unintended triggering during ordinary conversation. This can override other skills or inject behavior unexpectedly, reducing predictability and potentially exposing users to unintended system/persona disclosures.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal