Skylv Skill Quality Assurance

Security checks across malware telemetry and agentic risk

Overview

This skill is a local documentation-quality checker with no evidence of network access, credential use, persistence, or destructive behavior.

Before installing, be aware that generic triggers may invoke this skill during ordinary requests about quality, scoring, or documentation. Run it only against directories you intend to analyze, and do not rely on the documented auto-fix command unless a separate reviewed fix_skill_md.cjs file is provided.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list includes generic phrases such as "quality," "score," and "analyze skill," which are broad enough to overlap with ordinary user requests and unrelated workflows. In an agent ecosystem, this can cause accidental invocation of the skill, leading to unintended processing, confusing behavior, or interference with more appropriate skills.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal