Tech Stack Evaluation
Security checks across malware telemetry and agentic risk
Overview
This is a read-only guidance skill for evaluating a project's tech stack and does not include executable code, persistence, credentials, or hidden install behavior.
Install this if you want an agent to review a repository's architecture and tech stack. Run it only in the project you intend to assess, since its suggested commands inspect local filenames and source metrics, but the reviewed artifact does not request write access, credentials, persistence, or network activity.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.