Back to skill

Security audit

🧠 Thinking Frameworks

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only reasoning framework skill with no code execution, data access, persistence, or hidden behavior.

Install this if you want structured reasoning frameworks available to your agent. Be aware it may activate on broad analysis requests, so use explicit framework names or commands when you want predictable behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill's natural-language triggers are broad enough that ordinary user requests for analysis, critique, or structured reasoning could unintentionally invoke this skill. Unintended invocation can override expected assistant behavior, cause prompt-routing confusion, and apply a framework the user did not actually request, which is especially relevant because this skill covers many overlapping trigger phrases.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.