Modelsense

Security checks across malware telemetry and agentic risk

Overview

ModelSense is a coherent model-advice skill, but it can proactively switch the active model or delegate work without a consistently required user confirmation.

Install only if you are comfortable with a skill influencing the model used for your session. Before use, require explicit confirmation for any model switch or sub-agent delegation, and review AGENTS.md because it currently encourages proactive early-session switching.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The README states that ModelSense can 'auto-switch' the session model or 'delegate' to a sub-agent running the recommended model, but provides no warning, consent flow, or explanation of side effects. In an agent environment, changing execution context or delegating to external providers can alter data exposure, cost, permissions, and model behavior in ways the user may not expect.

Vague Triggers

Medium

Confidence: 77% confidence
Finding: The trigger conditions are broad enough to activate on many generic model-selection or comparison requests, which can cause the skill to engage unexpectedly and potentially steer conversations toward tool use, session switching, or task delegation. In this skill's context, that is more concerning because later sections allow changing the current session model or spawning delegated sessions, so overbroad invocation could produce unintended side effects or user confusion.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal