mfg-exp-distill

Security checks across malware telemetry and agentic risk

Overview

This is a manufacturing best-practices reference skill with no executable code, credential handling, or hidden high-impact behavior.

Install this if you want a Chinese manufacturing operations reference. Be aware that it may activate for broad manufacturing-related questions and has auto-update metadata, so review future updates if you rely on it for operational decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill description says it should be used whenever the user is in manufacturing, wants to learn manufacturing experience, or extract methodologies, which is very broad and can trigger the skill in many loosely related contexts. Over-broad activation increases the chance the agent applies this skill when a different domain skill or general reasoning would be safer or more appropriate, causing scope confusion and unintended instruction takeover.

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The description is written to operate in Chinese without indicating language adaptation or user choice, which can force responses in a language the user did not request. This can degrade comprehension, cause miscommunication, and reduce the user's ability to detect mistakes or unsafe guidance, though it is not directly exploit-enabling in this skill's otherwise informational context.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal