Back to skill

Security audit

Token守护者

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed token-cost optimization skill with no executable artifacts, but users should be careful with cache, routing, and budget-changing commands.

Install only if you want an agent to manage token compression, caching, model routing, and budget behavior. Review or add confirmations for mode changes, cache clearing, and budget updates, especially in shared or cost-sensitive environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The natural-language triggers are broad enough to match ordinary user conversation such as requests about configuration, status, cache, or budget, which can cause the skill to activate or change behavior without clear user intent. In this skill, that matters because activation can alter compression, routing, cache state, and spending controls, creating unintended operational changes rather than direct code execution.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill exposes destructive or high-impact actions like clearing caches and changing budgets without any explicit warning about consequences or a confirmation step. Because this skill manages cost controls and cached responses, accidental invocation could erase useful state, reduce response quality, or disable guardrails that were meant to prevent overspending.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.