using-harness

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, instruction-only workflow skill that may steer agents into a formal process but does not add code execution, data access, persistence, or credentials.

Install this only if you want the agent to apply a formal harness workflow across many task types. For routine troubleshooting or small tasks, consider requiring explicit opt-in and define the missing routing matrix, package format, verifier role, and governance approval boundaries before organizational use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The skill's trigger conditions are very broad, covering generic activities like project advancement, execution, verification, and delivery. This can cause the skill to activate in many unrelated contexts and silently impose its workflow constraints, reducing user agency and potentially redirecting tasks into an unnecessary or inappropriate process.

Natural-Language Policy Violations

Medium
Confidence: 90%
Finding
The description explicitly says to 'Force Harness mode' for decomposition, routing, execution, and verification, which mandates a single operating model without user choice or contextual justification. In an agent setting, this can override normal decision-making and steer work into rigid packaging and verifier flows even when unnecessary, creating process manipulation risk and possible denial of appropriate execution paths.

VirusTotal

64/64 vendors flagged this skill as clean.
