NVIDIA's SkillSpector is an open-source security scanner that analyzes AI skills for vulnerabilities by checking files against 64 attack patterns across 16 categories, including prompt injection, data exfiltration, and privilege escalation. Testing revealed that 26% of AI skills contain vulnerabilities and 5% appear malicious. Three tested skills (including an official marketplace skill) all scored 100/100 critical due to patterns in documentation and helper scripts, though this represents a static scan rather than proof of actual exploits.
NVIDIA: Are these AI skills actually safe to use? #ai #security #nvidia
I scanned three AI skills with NVIDIA's new security tool.
Every single one came back 100 out of 100 critical.
Let me show you what this tool actually is.
First, why it exists.
NVIDIA found that 26% of AI skills contained vulnerabilities.
5% look outright malicious.
And these skills get real access to your machine.
This is SkillSpector.
It's open source from NVIDIA.
Before you install a skill, it scans every file inside it.
The instructions, the helper scripts, the config.
It checks them against 64 known attack patterns grouped into 16 categories.
Everything from supply chain risks to tool misuse and data leaks.
Here's the dangerous stuff it looks for.
Prompt injection.
Data theft.
Privilege escalation.
Supply chain risks.
Hidden code execution.
And skills that grab far more access than they need.
Using it is three steps.
Install it once.
Point it at a skill, a folder, a repo, a zip, or URL.
Then it scores the whole thing and tells you what to do.
The command is simple.
SkillSpector scan, then the path.
You get a report in your terminal or as markdown or JSON.
Now, the real results.
First, the Arkon skill.
19 separate findings.
Four of them high severity.
A risk score of 100.
Then two more.
Agent Browser, which ships real shell scripts.
And a brainstorming skill from the official marketplace.
Both also scored 100.
But here's the honest part.
Most of these were patterns in docs and helper scripts.
Not proof of a real exploit.
It's a static scan.
A strong signal, not a final verdict.
So, I'm curious.
Three skills, including an official one, all scored 100. A real warning or is the scanner too strict? Tell me below.