cms-task-audit

Security checks across malware telemetry and agentic risk

Overview

This is a conversational meeting-task audit skill with no executable scripts, network calls, or hidden data movement found.

Install this if you want a structured audit-questioning workflow for meeting tasks. Be aware it may ask persistent follow-up questions and may activate on broad task-checking phrases; avoid pasting sensitive meeting content unless you are comfortable with your agent retaining it in the conversation or any configured logs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger phrases are broad natural-language requests such as '检查一下这些任务的执行情况', which can overlap with ordinary conversational requests and cause the audit skill to activate unintentionally. In an agent system, overbroad routing can force users into a rigid multi-step questioning workflow, collect more task details than needed, and produce incorrect handling of requests that should have gone to a different skill.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrase "帮我审计这个任务" is broad, natural language that could easily appear in ordinary conversation, causing the skill to activate unintentionally. Because the skill claims it will "automatically load" and steer the interaction into a guided audit flow, this creates routing ambiguity and increases the chance of unintended context capture or workflow hijacking.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal