Skill Security Scanner

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a security scanner, but its own scanning logic seems too superficial to support strong “safe” recommendations.

Use this only as a lightweight pre-check, not as a final security decision. Review the full skill bundle yourself, especially scripts and install steps, before trusting any “safe” verdict it produces.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The script presents itself as a security scanner but only greps SKILL.md and infers safety from documentation-like signals rather than analyzing executable behavior. This can produce dangerously misleading results by marking malicious skills as acceptable if they are well documented or hide harmful logic outside the markdown file.

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The script computes a 'Trust Score' and boosts it based on repository path and other non-security indicators, then emits recommendations like 'Safe to use.' This creates a false sense of assurance that attackers could exploit by placing a malicious skill in a favored path or adding superficial positive markers to obtain a safer-looking verdict.

VirusTotal

64/64 vendors flagged this skill as clean.
