Security audit

Find Skills Cn

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it can steer ordinary help requests toward installing third-party skills globally while skipping confirmation prompts.

Use this skill only when you explicitly want to find or install agent skills. Before installing anything it recommends, review the skill source and publisher, avoid global no-confirm installs unless you trust the package, and prefer a confirmed or scoped install flow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 91% confidence
Finding
The skill description is broad enough to trigger on many generic help-seeking prompts, not just explicit requests to discover installable skills. This can cause the agent to steer users toward package discovery and installation unnecessarily, increasing exposure to third-party content and unintended tool use.

Vague Triggers

Medium, 95% confidence
Finding
The activation conditions include ambiguous phrases like 'how do I do X' and 'can you do X', which are extremely common and not specific to skill discovery. In context, that makes the skill prone to over-activation and can route normal assistance requests into workflows that search for and recommend external packages.

Missing User Warnings

Medium, 97% confidence
Finding
The skill recommends installing third-party packages with `-g -y`, which performs a global system change and suppresses confirmation, but it provides no warning, trust verification, or requirement for explicit user consent. Because this skill is specifically about discovering external skills from open sources, the context materially increases risk of supply-chain abuse, unwanted system modification, and accidental installation of unreviewed code.

VirusTotal

64/64 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.