Draft Agent Loop

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Draft-based approval workflow, but users should understand that task journals are stored and potentially published through Draft.

Install this only if you want task plans and progress recorded in Draft. Avoid putting secrets, private personal data, proprietary code dumps, or sensitive command output in the Task Journal, and review the Draft CLI dependency and invite-code settings before using it for confidential work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 76%
Finding
The trigger condition 'high-stakes or complex enough to warrant human gates' is subjective and overly broad, which can cause the skill to activate without an explicit user request for this workflow. In an agent system, broad activation criteria can override user intent, route tasks into remote page publication flows unexpectedly, and increase exposure of task metadata to external systems.

VirusTotal

65/65 vendors flagged this skill as clean.