Tool Permission Manager

Security checks across malware telemetry and agentic risk

Overview

This is a small instruction-only skill, but it tries to manage powerful tool permissions with vague dynamic authorization rules.

Review before installing. Use it only if your agent platform enforces real tool permissions independently, and require explicit confirmation plus a structured policy before enabling exec, write, message, cron, sessions, gateway, or delete access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill allows users to dynamically change tool permissions through broad natural-language commands like '授权XXX工具' without defining authentication, authorization boundaries, allowed tools, or escalation constraints. In a permission-management skill, this can let a user or prompt-injected content weaken safeguards and enable access to higher-risk tools such as exec, message, or other dangerous capabilities.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal