Self-Critique

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk self-review skill that helps improve drafts and code by critiquing outputs before finalizing.

Installers should know this skill may be invoked broadly for important writing, code, analysis, or decisions. Use it for deliberate pre-submission review, and avoid running it unnecessarily on highly sensitive content because the workflow may restate or restructure that content during critique.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The description is extremely broad ('Use for any output where quality matters'), which can cause this skill to activate for nearly any task and override or interfere with more specific, safety-critical skills. In agent systems, overly generic auto-activation increases the chance of unintended prompt injection surface area, instruction conflicts, and unnecessary self-referential processing on sensitive tasks.

VirusTotal

41/41 vendors flagged this skill as clean.

View on VirusTotal