Skylv Data Validator

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local JSON validation skill with no evidence of hidden access, persistence, network activity, or destructive behavior.

Expect a local JSON validation helper that reads files you explicitly point it at. Be aware that its trigger wording is broad and that the description mentions CSV/Excel even though the included script only handles JSON.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger keywords include very generic terms like "validate," "schema," and especially "check," which can match a wide range of unrelated user requests. This can cause the skill to activate outside its intended scope, increasing the chance of unintended behavior, incorrect tool selection, or user confusion in contexts that are not specifically about data validation.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The manifest trigger phrase "data validator" is too broad and could be invoked by many generic requests involving data, checking, or validation. Because this skill is positioned as a general-purpose validator across JSON, CSV, and Excel, the broad trigger increases the likelihood of accidental invocation in unrelated workflows, making scope control weaker rather than stronger.

VirusTotal

1/66 vendors flagged this skill as malicious, and 65/66 flagged it as clean.

View on VirusTotal