Testing Plus

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only testing guide with purpose-aligned examples, though its load and security testing commands should only be used on authorized targets.

Before installing or using this skill, treat its load-testing and security-scanning snippets as examples for your own systems, staging environments, or targets where you have explicit permission. Be aware that tools like Snyk may send dependency metadata to an external service when run.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill includes concrete load-testing and security-scanning commands that target networked services, but it does not warn users to run them only against systems they own or are explicitly authorized to test. In an agent-skill context, omission of authorization and safe-environment guidance can lead to misuse against production or third-party systems, causing service disruption, noisy scanning, or policy/legal violations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal