Forms And Validation

Security checks across malware telemetry and agentic risk

Overview

This skill is a text-only helper for building accessible forms and validation, with no evidence of hidden access or unsafe behavior.

Install this if you want guidance on form design and validation patterns. Be aware it may activate on broad mentions of forms, submission, or errors, and review generated validation/accessibility code against your project requirements before shipping.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The metadata description includes broad trigger terms such as “表单”, “校验”, and “form validation” without clear exclusion criteria, which can cause the skill to activate for generic product or engineering discussions that only loosely mention forms. In an agent-routing context, overbroad activation can misroute user requests, leading to irrelevant guidance, context leakage across skills, or suppression of a more appropriate specialist skill.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger section lists keywords and broad scenarios but does not specify when the skill should not activate, so ordinary conversations mentioning submission, errors, or controlled components may incorrectly invoke it. This ambiguity is risky in multi-skill systems because it increases unintended activation frequency and can degrade correctness or expose the user to the wrong operational guidance.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal