
Security audit

Ux Researcher

Security checks across malware telemetry and agentic risk

Overview

No concrete harmful behavior is supported by the available evidence; the only issue is a minor risk that the skill could be invoked too broadly.

Before installing, review the trigger wording and invoke the skill only when you explicitly want that specialty. There is no artifact-backed reason here to treat it as malicious or to hold it for security review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 85%
Finding
The activation guidance is broad enough that the skill may be invoked whenever a user mentions the agent name or a related specialty, which can cause unintended routing or execution in multi-agent systems. While not overtly malicious, ambiguous triggering can expose downstream tools, alter workflow selection, or cause the wrong agent to handle sensitive user input.

VirusTotal

66/66 vendors flagged this skill as clean.
