Cavecrew

Security checks across malware telemetry and agentic risk

Overview

The skill appears low risk, with the main caveat that its broad trigger phrases could activate when the user did not intend it.

Install only if you are comfortable with the skill activating on broad delegation or context-saving phrases. Prefer invoking it explicitly and check where any saved context is written or reused.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill advertises several broad natural-language trigger phrases such as "delegate to subagent" and "save context," which can be invoked unintentionally during ordinary conversation. That can cause the wrong skill to activate, leading to misrouting of work, unnecessary delegation, and context pollution, though this file does not itself contain direct code-execution or data-exfiltration behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal