Evidence Gate

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only helper that asks an agent to check evidence before making strong claims or risky recommendations.

Install this if you want agents to pause before firm conclusions or risky recommendations and produce structured evidence checks. Expect it to influence wording and downgrade unsupported claims; the reviewed artifacts do not show code execution, data access, credential use, persistence, or external communication.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: This manifest allows implicit invocation, but the file does not define narrow activation conditions, exclusion rules, or negative examples. Combined with the broad natural-language prompt description, this creates ambiguity about when the skill should activate and increases the risk of unintended invocation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal