
Security audit

demo-production

Security checks across malware telemetry and agentic risk

Overview

This is a transparent instruction-only demo-building skill that may create prototype files and optionally research references, but it has a review gate and no hidden execution, credentials, or persistence.

Install this only where it is acceptable for the coding agent to make prototype-oriented file changes with reasonable assumptions. Review generated files, dependencies, mock data, and any external reference research, and be cautious when explicitly asking it to skip the default review gate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Memory Poisoning: Persistent Context Injection, Context Window Stuffing, Memory Manipulation
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 95%
Finding: The manifest description says to use the skill when a coding agent is asked to "create, plan, prototype, or build a demo" and for "any project where the user has a rough idea but needs the coding agent to infer missing details." These triggers are very broad and lack clear exclusion conditions, so the skill could be invoked for many ordinary software tasks beyond a narrowly defined demo-production context.

Memory Manipulation

Severity: High
Category: Memory Poisoning
Content:
- Use realistic mock content.
- Include important states, not just the happy path.
- Visually communicate the intended product experience.
- Make incomplete functionality feel intentional through simulation or clear state changes.

Prototype techniques may include:
Confidence: 80%
Finding: clear state

Memory Manipulation

Severity: High
Category: Memory Poisoning
Content:
- [ ] Empty data state renders cleanly.
- [ ] Long text or overflow does not break layout.
- [ ] Invalid input is handled with visible feedback.
- [ ] Repeated clicks on primary actions do not corrupt state.
- [ ] Loading or pending state is visible where async work happens.
- [ ] Failure path shows recoverable UI, not a crash.
- [ ] Small viewport, 375px width or equivalent, remains usable on the main screen.
Confidence: 90%
Finding: corrupt state

VirusTotal

57/57 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.