Teamo Strategy

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only planning skill whose context requests and subtask delegation fit its stated purpose, though users should avoid sharing unnecessary sensitive files.

Before installing, treat this as a planning/delegation helper that may ask for detailed background files and create multiple internal subtasks. Upload only documents needed for the task, remove credentials or confidential data where possible, and set clear limits on detail level if very long outputs could create cost or review burden.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 90% confidence
Finding: The skill hard-codes a Chinese-only requirement for `task_description` regardless of the user's language or deployment context. This can cause downstream agents or users to receive instructions in an unexpected language, increasing the chance of misunderstanding, incorrect task execution, and unsafe operator assumptions in multilingual environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal