Security audit

Skill Creator

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed, purpose-aligned guide for creating and evaluating other skills, with some expected workflow side effects users should understand.

Before installing: review any generated or modified skills before making them active, keep trigger descriptions specific, and run referenced helper scripts only from a trusted skill-creator directory. Avoid using sensitive project data with untrusted MCPs, subagents, or browser viewers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 86% confidence
Finding
The instruction to make descriptions 'a little bit pushy' explicitly encourages overbroad trigger conditions, which can cause the skill to activate for requests outside its intended scope. In a skill that can edit files, run scripts, launch viewers, and package artifacts, over-triggering increases the chance of unnecessary side effects and unsafe automation being applied to ordinary user requests.

Missing User Warnings

Medium, 90% confidence
Finding
The skill directs the agent to open browser pages, start background processes, and potentially write files without first obtaining explicit user consent at the moment those actions occur. These are real system-side effects, and surprising process launches or browser opens can violate user expectations and create privacy or operational risk, especially in remote or shared environments.

VirusTotal

56/56 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.