Back to skill

Security audit

Find Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a plain Markdown guide for finding and installing skills; its risks are disclosed and aligned with that purpose, though users should review installs carefully.

Before installing recommended skills, review the publisher, repository, install count, and source code where practical. Treat `-g -y` installs as persistent changes to your agent environment; remove `-y` or ask for explicit confirmation if you want an extra review step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The top-level description uses very broad trigger language such as general 'how do I do X' or 'can you do X' requests, which can cause this skill to activate for many ordinary queries. Overbroad activation increases the chance the agent pivots into package discovery or installation workflows when the user did not explicitly ask to modify capabilities, creating unnecessary exposure to supply-chain and command-execution paths.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The 'When to Use This Skill' section includes ambiguous everyday requests like asking how to do a task or whether the agent can do something specialized. In context, that makes this skill prone to accidental invocation across a wide range of normal conversations, which may steer the agent toward recommending or installing third-party skills without sufficiently explicit user intent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs using 'npx skills add <owner/repo@skill> -g -y', which performs a global installation and suppresses confirmation prompts, but it does not prominently warn that this changes the user environment and may install untrusted third-party code. In a skill whose purpose is discovering packages from external sources, this materially raises supply-chain risk and reduces opportunities for the user or agent to review what is being installed.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.