QMD Learning Loop

Security checks across malware telemetry and agentic risk

Overview

This markdown-only skill is a disclosed learning-log workflow that can update durable workspace guidance, but it shows no hidden code, credential use, network access, or deceptive behavior.

Install this if you want agents to record useful lessons in your markdown workspace. For safer use, review edits to policy, principles, behavior, AGENTS.md, SOUL.md, or other durable guidance files before accepting them, and keep routine or one-off notes in lightweight logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Memory Poisoning: Persistent Context Injection, Context Window Stuffing, Memory Manipulation
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Persistent Context Injection

Medium
Category
Memory Poisoning
Content
- it prevents meaningful repeated waste
- it defines a stable convention worth retrieving later

Do not turn every one-off event into a permanent rule.

## Review loop
Confidence
80% confidence
Finding
a permanent rule

VirusTotal

64/64 vendors flagged this skill as clean.
