Skill Sentinel

Security checks across malware telemetry and agentic risk

Overview

This skill is an openly described troubleshooting tool for auditing and repairing skill trigger descriptions; the scan found no evidence of hidden persistence or data exfiltration.

Install only if you want help auditing or editing skill descriptions. Be aware that running the included script with `--fix` can modify SKILL.md files in the selected skills directory, so diff and review the changes before relying on the repaired metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
The skill declares no permissions, so its intended capabilities are opaque and cannot be validated against what it actually does.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The description activates on phrases like "skill doesn't activate," "skill not working," and "agent behavior seems to ignore available skills," plus proactive use after installing new skills. These conditions are broad and lack clear exclusion boundaries, increasing the chance of unintended invocation during ordinary support or debugging conversations.

Natural-Language Policy Violations

Low
Confidence
85% confidence
Finding
The instruction to "Add multilingual keywords for non-English users" promotes locale-specific behavior, and the example includes Chinese keywords, but there is no accompanying user choice, opt-in, or documented locale justification. This can create an implicit language/locale policy issue if the skill behavior is adapted for specific languages by default.

Session Persistence

Medium
Category
Rogue Agent
Content
**Bad:** `"Helps with documents."` — no trigger, just capability
**Good:** `"Use when the user asks to extract form fields, fill, redact, or parse tables from a PDF file."`

**Fix:** Rewrite using the Description Design Pattern below.

### 2. YAML Frontmatter Format Error
Confidence
60% confidence
Finding
Rewrite using the Description Design Pattern below.

### 2. YAML Frontmatter Format Error
Common breakages:
- Colon in description breaks YAML parsing (GitHub #29981)
- Missing `name:` or `description:`
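As an added example (not the skill's own script and not SkillSpector's logic), the following Python linter implements the two description problems quoted above: the YAML frontmatter breakage (an unquoted colon in `description:`, plus a missing `name:` or `description:` key) and the "capability only" description with no trigger condition. Its `fix()` step shows what a `--fix` mode should do: rewrite only the offending line and return the new text so the caller can diff it before writing. The trigger-phrase markers and the sample SKILL.md contents are assumptions constructed for this example.

```python
"""Lint and repair the YAML frontmatter of a SKILL.md file.

Added example (not the skill's own script and not SkillSpector's logic).
It implements the two description problems quoted above: a value that breaks
YAML because of an unquoted colon, and a "capability only" description with
no trigger condition. The SKILL.md samples at the bottom are constructed.
"""
import re

REQUIRED_KEYS = ("name", "description")
# Heuristic markers of a trigger-style description; an assumption for this
# example, not a rule taken from the skill or from SkillSpector.
TRIGGER_MARKERS = ("use when", "use this skill when", "when the user")

# One flat `key: value` frontmatter line; the value is optional.
KEY_RE = re.compile(r"^([A-Za-z_][\w-]*):(?:\s+(.*))?$")


def split_frontmatter(text):
    """Return (frontmatter_lines, start, end) for the block between the
    opening `---` on line 1 and the next `---`; (None, -1, -1) if absent.
    `start`/`end` are line indexes so callers can rewrite lines in place."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return None, -1, -1
    for end in range(1, len(lines)):
        if lines[end].strip() == "---":
            return lines[1:end], 1, end
    return None, -1, -1


def parse_flat_mapping(fm_lines):
    """Read flat `key: value` lines into a dict, keeping values exactly as
    written (quotes included) so the checks see what a YAML parser sees.
    Nested and multi-line values are out of scope for this example."""
    fields = {}
    for line in fm_lines:
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = KEY_RE.match(line)
        if m:
            fields[m.group(1)] = (m.group(2) or "").strip()
    return fields


def is_quoted(value):
    return len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'"


def plain_scalar_breaks_yaml(value):
    """True when an unquoted value will not survive YAML parsing intact.
    In a block mapping a plain scalar may not contain `: ` or end in `:`
    (the parser sees a nested mapping and errors out), and ` #` starts a
    comment that silently truncates the value."""
    if is_quoted(value):
        return False
    return ": " in value or value.endswith(":") or " #" in value


def lint(text):
    """Return (severity, message) findings for one SKILL.md text."""
    findings = []
    fm, _, _ = split_frontmatter(text)
    if fm is None:
        return [("error", "no frontmatter block (--- ... ---) at top of file")]
    fields = parse_flat_mapping(fm)
    for key in REQUIRED_KEYS:
        if not fields.get(key):
            findings.append(("error", f"missing required key `{key}:`"))
    desc = fields.get("description", "")
    if desc and plain_scalar_breaks_yaml(desc):
        findings.append(("error", "unquoted colon or comment marker in description breaks YAML parsing"))
    if desc and not any(m in desc.lower() for m in TRIGGER_MARKERS):
        findings.append(("warning", "description states a capability but no trigger condition"))
    return findings


def quote_yaml_scalar(value):
    """Double-quote a plain scalar, escaping backslash and double quote."""
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def fix(text):
    """The `--fix` step: quote a description that would break YAML and return
    the new text. Only the offending line changes, so the caller can diff the
    result against the original before writing it back to disk."""
    lines = text.splitlines(keepends=True)
    fm, start, end = split_frontmatter(text)
    if fm is None:
        return text
    for i in range(start, end):
        m = KEY_RE.match(lines[i].rstrip("\r\n"))
        if m and m.group(1) == "description":
            value = (m.group(2) or "").strip()
            if plain_scalar_breaks_yaml(value):
                lines[i] = "description: " + quote_yaml_scalar(value) + "\n"
    return "".join(lines)


# Constructed samples: the unquoted-colon breakage and a capability-only description.
BROKEN_SKILL_MD = """---
name: pdf-tools
description: Use when the user asks to: extract form fields, fill, or redact a PDF
---
# pdf-tools
"""

CAPABILITY_ONLY_SKILL_MD = """---
name: doc-helper
description: Helps with documents.
---
"""

if __name__ == "__main__":
    for sample in (BROKEN_SKILL_MD, CAPABILITY_ONLY_SKILL_MD):
        print(lint(sample))
    print(fix(BROKEN_SKILL_MD))
```

The trigger check is deliberately a coarse heuristic: it catches the "Helps with documents." pattern but not an overly broad "Use when ..." clause, which still needs a human reading of the exclusion boundaries. The quoting repair is the only automatic change, and even that should be reviewed as a diff, as the overview above advises for `--fix`.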

VirusTotal

65/65 vendors flagged this skill as clean.
