Call Gemini 2 5 Pro Llm

Security checks across malware telemetry and agentic risk

Overview

The skill has no executable or credential access, but its instructions do not match its advertised Gemini-calling purpose and try to steer the agent into an unrelated brainstorming role.

Review this skill before installing. It appears low risk from a system-access standpoint because it is instruction-only, but users expecting a Gemini integration should prefer a skill that clearly explains when it runs, what model or API it calls, what data it sends, and how user instructions remain in control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description, "AI agent for call gemini 2 5 pro llm tasks," is extremely broad and does not constrain when the skill should be invoked or what specific tasks it is allowed to perform. In agent systems, vague invocation criteria can cause over-selection, inappropriate delegation, and accidental exposure of user data or workflow context to a more capable external model than intended.

VirusTotal

64/64 vendors flagged this skill as clean.
