pm-requirement-flow

Security checks across malware telemetry and agentic risk

Overview

This is a transparent PM workflow skill, but it can hand work to a separate local dispatch tool that should be reviewed before use.

Install only if you are comfortable with the separate claude-code-dispatch dependency. Before dispatching work, inspect its dispatch.sh script, keep --workdir limited to the intended project, and remove or avoid --permission-mode bypassPermissions if you want manual approval for tool actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

High

Confidence: 94% confidence
Finding: The trigger phrases are extremely broad (e.g. '需求', '开发', '开始项目') and can match ordinary conversation, causing the skill to activate in contexts where the user did not explicitly request this workflow. Because the skill includes dispatching work to another tool and recommends non-interactive execution, unintended activation increases the chance of unauthorized or unsafe task delegation.

VirusTotal

54/54 vendors flagged this skill as clean.

View on VirusTotal