Security audit

Ai Workflow Master

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only workflow helper with broad automation suggestions, but it does not install code, request credentials, or hide privileged behavior.

Install only if you want a broad productivity workflow helper. Before using it, decide which files, links, platforms, and business systems it may access, and require review before publishing content, scraping sites, processing customer conversations, or creating tickets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence: 96%
Finding
The skill advertises very broad trigger phrases such as '做这个' ("do this"), '帮我搞定' ("help me get this done"), '自动化' ("automation"), and '效率工具' ("efficiency tool"), which are common in ordinary conversation and not tightly bound to this skill’s specific function. This creates a high risk of unintended activation, causing the agent to enter an automation-oriented workflow when the user did not explicitly request this skill, which can amplify downstream actions like content generation, data handling, or workflow chaining without clear user intent.

Vague Triggers

Medium
Confidence: 94%
Finding
The activation section defines ambiguous conditions using generic phrases without exclusion rules, contextual qualifiers, or confirmation gates. In a skill that can initiate multi-step pipelines, this ambiguity increases the chance of accidental invocation and unintended processing of user inputs, especially when requests merely mention efficiency or automation in a general sense.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill describes capabilities including web scraping, file reading, public data collection, customer-question handling, emotion analysis, and automatic ticket creation, but it does not present clear consent, privacy, authorization, or system-impact warnings. In practice, this could lead users or an integrating agent to collect or process personal, proprietary, or operational data without adequate notice or approval, and to trigger state-changing actions such as ticket creation without explicit confirmation.

VirusTotal

54/54 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.