Context Cleaner (.md cleanup)

Security checks across malware telemetry and agentic risk

Overview

The skill is openly meant to clean agent context files, but it can rewrite persistent agent instructions with broad triggers and incomplete pre-change approval.

Review before installing. Use it only with an explicit named target, require the agent to show the exact files and diff before any rewrite, avoid all-agent or main-workspace mode unless you have current backups, and verify that important IDs, workflows, and safety rules are preserved.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger phrases are broad enough to overlap with normal workspace-maintenance language such as 'clean up agent files' or 'optimize agent context,' which can cause the skill to activate when the user did not intend to authorize file modifications. Because this skill performs destructive-capable operations on workspace files, unintended invocation increases the chance of accidental backups, rewrites, or rollback actions affecting agent configuration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal