Back to skill

Security audit

Promptify Skill

Security checks across malware telemetry and agentic risk

Overview

Promptify is an instruction-only prompt optimizer with disclosed codebase search, web search, and clipboard behavior that fit its stated purpose.

Install if you are comfortable with a prompt optimizer that may inspect relevant project files, ask clarifying questions, perform web searches for current practices, and copy generated output to the clipboard. Do not use +deep or +web, or broad auto-detected prompts, with secrets or private context you do not want processed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The example trigger phrase "Help me with this thing" is extremely broad and overlaps with normal conversational language, which can cause the skill to activate clarifying-question behavior in contexts the user did not explicitly intend. In an agent setting, overly broad routing heuristics can lead to unnecessary context gathering, prompt transformation, or downstream tool use based on ambiguous user input.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The README describes smart auto-detection in broad terms without defining scope limits, confidence thresholds, or what happens when multiple triggers match. This ambiguity increases the risk of unintended behavior, especially because the skill may route into codebase research or web search, which expands access to sensitive context or external data without clear user intent.

Missing User Warnings

Low
Confidence
80% confidence
Finding
Automatically copying output to the clipboard modifies local user state and can overwrite sensitive clipboard contents without notice. While low severity, this can surprise users, interfere with workflows, and potentially expose or destroy previously copied secrets if the environment syncs clipboard history.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill advertises broad invocation phrases like "improve this prompt," "optimize my prompt," and "make this clearer," which are common requests that can appear in many unrelated conversations. This can cause the skill to trigger unintentionally and intercept user intent, potentially redirecting benign requests into an agent workflow that performs clarifying, codebase, or web-research actions the user did not explicitly request.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger conditions are broad enough to activate on many ordinary requests about an existing project, which can cause the skill to inspect a codebase even when the user did not clearly request repository analysis. In a prompt-optimization skill, this increases the chance of unnecessary data exposure from local files and over-collection of context, especially if sensitive source, docs, or AI instruction files are included in the exploration process.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to perform web searches when the +web modifier is present, but it does not require explicit user notice or confirmation that external network access will occur. In prompt-optimization workflows, users may paste sensitive drafts, proprietary code prompts, or internal context, and this design increases the risk that such context influences or is transmitted during external lookups without informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.