Meta Skill System

Security checks across malware telemetry and agentic risk

Overview

This is a broad methodology skill made of Markdown templates and references, with no executable code or hidden data access found.

Install only if you want a broad meta-methodology helper that may engage on general planning or task-execution prompts. Review its output before letting it create or modify skill files, and prefer explicit invocation when you want this framework applied.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger list includes broad generic phrases such as '任务执行' and '领域评估' that can match many ordinary user requests, causing the skill to activate outside its intended scope. Over-broad invocation increases the chance that a powerful meta-skill intercepts unrelated tasks, overrides more appropriate skills, or applies expansive workflow logic where it is unnecessary, which can enlarge attack surface and cause unintended behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal