nl2sqlSkill

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only NL2SQL reporting workflow with expected read-only database querying, but users should scope database access carefully.

Install only if you intend agents to generate and run read-only database queries for analysis. Use a least-privilege read-only database account, restrict schemas and tables, and avoid connecting sensitive production data unless query logging, result redaction, and execution limits are handled outside the skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger conditions are broad enough to overlap with many ordinary analytics or database-related conversations, which can cause the skill to activate unexpectedly. In a skill that can generate and execute SQL and perform follow-up queries, mis-triggering increases the chance of unintended database access, unnecessary query execution, or disclosure of report content in contexts where the user did not explicitly request this workflow.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal