Input Refiner

Security checks across malware telemetry and agentic risk

Overview

This is a text-rewriting helper with broad activation examples, but it does not request hidden access, run code, collect data, or persist anything.

This skill appears safe to install for cleaning up rough prompts or long input. Because it can rewrite and prioritize a user's words, review the refined output before sending it onward, especially when exact wording or nuance matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrases are very broad and map to ordinary editing or clarification requests, which can cause the skill to activate in many routine conversations where a simpler response would suffice. Over-broad invocation can lead to unintended rewriting of user input, loss of nuance, and misrouting to this skill instead of a more appropriate one, especially because the skill explicitly rewrites content based on nearby context.

VirusTotal

35/35 vendors flagged this skill as clean.

View on VirusTotal