Cross-Channel & Cross-Agent Skill Sharing

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed workflow for recording and sharing newly added workspace capabilities, with persistence that users should review but no evidence of hidden or destructive behavior.

Install this only if you want agents to keep workspace capability notes and share them across sessions. Review any generated SKILL.md, scripts, TOOLS.md, or memory changes before relying on them in future work.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Session Persistence

Medium

Category: Rogue Agent
Content: - Package versions - One-line usage note 3. Create or update a reusable skill when pattern is repeatable: - Add/adjust `SKILL.md` - Add scripts under `scripts/` for deterministic steps - Keep instructions concise and invocation-focused
Confidence: 86% confidence
Finding: Create or update a reusable skill when pattern is repeatable: - Add/adjust `SKILL.md` - Add scripts under `scripts/` for deterministic steps - Keep instructions concise and invocation-focused

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal