Knowledge Base Manager

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill coherently manages a local Markdown knowledge base, with disclosed local file creation scoped to a `knowledge/` folder.

Use it in a dedicated workspace or `knowledge/` directory, review generated paths before large reorganizations, and avoid saving secrets or reusing stored prompt/instruction entries without checking their source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Low
Confidence: 90%
Finding
The skill explicitly instructs initialization steps that create directories and copy files into the local filesystem, but it does not require an explicit confirmation or user-visible warning before making those changes. In an agent setting, filesystem-writing behavior can cause unintended modifications, especially if the user expected planning or dry-run behavior rather than execution.

Vague Triggers

Medium
Confidence: 86%
Finding
The text is a generic imperative request to save an article and perform classification, which can match or activate the skill without clear scoping, trust boundaries, or user confirmation. In a knowledge-base management skill, broad intake phrasing increases the chance that unintended or attacker-supplied content is processed, classified, and persisted, potentially enabling prompt-injection-style misuse or unwanted file creation.

VirusTotal

66/66 vendors flagged this skill as clean.
