Back to skill

Security audit

Promptify Skill

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-improvement helper with disclosed optional codebase lookup, web research, and clipboard-command output, and no evidence of hidden persistence, credential theft, exfiltration, or destructive behavior.

Install if you are comfortable with a prompt helper that may inspect relevant project files when +deep or auto-detection selects codebase research, and may use web search when +web or current/best-practices language is present. Review generated prompts before sharing them, and inspect any pbcopy command before running it so you do not overwrite clipboard contents or copy sensitive material unexpectedly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The auto-trigger example includes the broad phrase "Help me with this thing," which can match ordinary conversational text and cause the skill to activate or route behavior unexpectedly. In a prompt-optimization skill that can ask clarifying questions, inspect codebase context, or perform web search, overly broad activation increases the chance of unintended data exposure or unnecessary external actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README advertises web search, image analysis, conversation-context use, and clipboard copying without clearly warning users what data may be accessed, transmitted, or stored. In this skill context, those features can process sensitive prompts, screenshots, repository details, or prior conversation content, so missing disclosure and consent mechanisms create a real privacy and data-handling risk.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description uses broad phrases like 'improve this prompt', 'make this clearer', and vague references to unstructured prompts, which can cause the skill to activate on ordinary conversation that was not meant to invoke prompt optimization. In a system that can route to sub-agents, overly permissive invocation increases the chance of unintended data handling or unnecessary downstream tool use.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The auto-detection signals for dispatching sub-agents are ambiguous and broad, using common phrases like 'best practices', 'latest', 'this project', or general ambiguity as triggers. This can cause unnecessary or unintended invocation of clarifier, codebase, or web-research agents, expanding access to tools and context beyond what the user explicitly requested.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger conditions are broad enough to match common software-development phrasing such as references to a project, API, files, or refactoring. That can cause the agent to activate when the user did not explicitly request codebase exploration, leading to unnecessary access to repository context and increasing the chance of over-collection or unintended data exposure within the agent workflow.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger conditions are broad and map to common phrasing such as requests for 'best practices', 'modern approach', or version references like '2024' and '2025'. This can cause unintended invocation of web research for prompts that do not actually require external lookup, increasing the chance of unnecessary external data access, prompt scope expansion, and incorporation of untrusted web content into the skill’s output.

Missing User Warnings

Low
Confidence
95% confidence
Finding
The skill instructs emitting `echo 'PROMPT' | pbcopy`, which copies content to the system clipboard without explicit user consent or disclosure at execution time. Clipboard writes can overwrite sensitive clipboard contents and create an unexpected side effect outside the chat context, especially if the optimized prompt contains private or proprietary data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.